OpenVPN
socket.c
Go to the documentation of this file.
1/*
2 * OpenVPN -- An application to securely tunnel IP networks
3 * over a single TCP/UDP port, with support for SSL/TLS-based
4 * session authentication and key exchange,
5 * packet encryption, packet authentication, and
6 * packet compression.
7 *
8 * Copyright (C) 2002-2025 OpenVPN Inc <sales@openvpn.net>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2
12 * as published by the Free Software Foundation.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, see <https://www.gnu.org/licenses/>.
21 */
22
23#ifdef HAVE_CONFIG_H
24#include "config.h"
25#endif
26
27#include "syshead.h"
28
29#include "socket.h"
30#include "fdmisc.h"
31#include "misc.h"
32#include "gremlin.h"
33#include "plugin.h"
34#include "ps.h"
35#include "run_command.h"
36#include "manage.h"
37#include "misc.h"
38#include "manage.h"
39#include "openvpn.h"
40#include "forward.h"
41
42#include "memdbg.h"
43
44bool
46{
47 int i;
48
49 for (i = 0; i < c->c1.link_sockets_num; i++)
50 {
52 {
53 return true;
54 }
55 }
56 return false;
57}
58
59/*
60 * Convert sockflags/getaddr_flags into getaddr_flags
61 */
62static unsigned int
63sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
64{
65 if (sockflags & SF_HOST_RANDOMIZE)
66 {
67 return getaddr_flags | GETADDR_RANDOMIZE;
68 }
69 else
70 {
71 return getaddr_flags;
72 }
73}
74
75/*
76 * Functions related to the translation of DNS names to IP addresses.
77 */
78static int
79get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network,
80 unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info,
81 int msglevel)
82{
83 char *endp, *sep, *var_host = NULL;
84 struct addrinfo *ai = NULL;
85 unsigned long bits;
86 uint8_t max_bits;
87 int ret = -1;
88
89 if (!hostname)
90 {
91 msg(M_NONFATAL, "Can't resolve null hostname!");
92 goto out;
93 }
94
95 /* assign family specific default values */
96 switch (af)
97 {
98 case AF_INET:
99 bits = 0;
100 max_bits = sizeof(in_addr_t) * 8;
101 break;
102
103 case AF_INET6:
104 bits = 64;
105 max_bits = sizeof(struct in6_addr) * 8;
106 break;
107
108 default:
109 msg(M_WARN, "Unsupported AF family passed to getaddrinfo for %s (%d)", hostname, af);
110 goto out;
111 }
112
113 /* we need to modify the hostname received as input, but we don't want to
114 * touch it directly as it might be a constant string.
115 *
116 * Therefore, we clone the string here and free it at the end of the
117 * function */
118 var_host = strdup(hostname);
119 if (!var_host)
120 {
121 msg(M_NONFATAL | M_ERRNO, "Can't allocate hostname buffer for getaddrinfo");
122 goto out;
123 }
124
125 /* check if this hostname has a /bits suffix */
126 sep = strchr(var_host, '/');
127 if (sep)
128 {
129 bits = strtoul(sep + 1, &endp, 10);
130 if ((*endp != '\0') || (bits > max_bits))
131 {
132 msg(msglevel, "IP prefix '%s': invalid '/bits' spec (%s)", hostname, sep + 1);
133 goto out;
134 }
135 *sep = '\0';
136 }
137
138 ret = openvpn_getaddrinfo(flags & ~GETADDR_HOST_ORDER, var_host, NULL, resolve_retry_seconds,
139 sig_info, af, &ai);
140 if ((ret == 0) && network)
141 {
142 struct in6_addr *ip6;
143 in_addr_t *ip4;
144
145 switch (af)
146 {
147 case AF_INET:
148 ip4 = network;
149 *ip4 = ((struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr;
150
151 if (flags & GETADDR_HOST_ORDER)
152 {
153 *ip4 = ntohl(*ip4);
154 }
155 break;
156
157 case AF_INET6:
158 ip6 = network;
159 *ip6 = ((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr;
160 break;
161
162 default:
163 /* can't get here because 'af' was previously checked */
164 msg(M_WARN, "Unsupported AF family for %s (%d)", var_host, af);
165 goto out;
166 }
167 }
168
169 if (netbits)
170 {
171 *netbits = bits;
172 }
173
174 /* restore '/' separator, if any */
175 if (sep)
176 {
177 *sep = '/';
178 }
179out:
180 freeaddrinfo(ai);
181 free(var_host);
182
183 return ret;
184}
185
186in_addr_t
187getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded,
188 struct signal_info *sig_info)
189{
190 in_addr_t addr;
191 int status;
192
193 status = get_addr_generic(AF_INET, flags, hostname, &addr, NULL, resolve_retry_seconds,
194 sig_info, M_WARN);
195 if (status == 0)
196 {
197 if (succeeded)
198 {
199 *succeeded = true;
200 }
201 return addr;
202 }
203 else
204 {
205 if (succeeded)
206 {
207 *succeeded = false;
208 }
209 return 0;
210 }
211}
212
213bool
214get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits, int msglevel)
215{
216 if (get_addr_generic(AF_INET6, GETADDR_RESOLVE, hostname, network, netbits, 0, NULL, msglevel)
217 < 0)
218 {
219 return false;
220 }
221
222 return true; /* parsing OK, values set */
223}
224
225static inline bool
226streqnull(const char *a, const char *b)
227{
228 if (a == NULL && b == NULL)
229 {
230 return true;
231 }
232 else if (a == NULL || b == NULL)
233 {
234 return false;
235 }
236 else
237 {
238 return streq(a, b);
239 }
240}
241
242/*
243 * get_cached_dns_entry return 0 on success and -1
244 * otherwise. (like getaddrinfo)
245 */
246static int
247get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname,
248 int ai_family, int resolve_flags, struct addrinfo **ai)
249{
250 struct cached_dns_entry *ph;
251 int flags;
252
253 /* Only use flags that are relevant for the structure */
254 flags = resolve_flags & GETADDR_CACHE_MASK;
255
256 for (ph = dns_cache; ph; ph = ph->next)
257 {
259 && ph->ai_family == ai_family && ph->flags == flags)
260 {
261 *ai = ph->ai;
262 return 0;
263 }
264 }
265 return -1;
266}
267
268
269static int
270do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af,
271 const int flags)
272{
273 struct addrinfo *ai;
274 int status;
275
276 if (get_cached_dns_entry(c->c1.dns_cache, hostname, servname, af, flags, &ai) == 0)
277 {
278 /* entry already cached, return success */
279 return 0;
280 }
281
282 status = openvpn_getaddrinfo(flags, hostname, servname, c->options.resolve_retry_seconds, NULL,
283 af, &ai);
284 if (status == 0)
285 {
286 struct cached_dns_entry *ph;
287
288 ALLOC_OBJ_CLEAR_GC(ph, struct cached_dns_entry, &c->gc);
289 ph->ai = ai;
290 ph->hostname = hostname;
291 ph->servname = servname;
293
294 if (!c->c1.dns_cache)
295 {
296 c->c1.dns_cache = ph;
297 }
298 else
299 {
300 struct cached_dns_entry *prev = c->c1.dns_cache;
301 while (prev->next)
302 {
303 prev = prev->next;
304 }
305 prev->next = ph;
306 }
307
309 }
310 return status;
311}
312
313void
315{
316 struct connection_list *l = c->options.connection_list;
319
320
321 for (int i = 0; i < l->len; ++i)
322 {
323 int status;
324 const char *remote;
325 int flags = preresolve_flags;
326
327 struct connection_entry *ce = l->array[i];
328
329 if (proto_is_dgram(ce->proto))
330 {
332 }
333
335 {
337 }
338
339 if (c->options.ip_remote_hint)
340 {
342 }
343 else
344 {
345 remote = ce->remote;
346 }
347
348 /* HTTP remote hostname does not need to be resolved */
349 if (!ce->http_proxy_options)
350 {
352 if (status != 0)
353 {
354 goto err;
355 }
356 }
357
358 /* Preresolve proxy */
359 if (ce->http_proxy_options)
360 {
362 ce->http_proxy_options->port, ce->af, preresolve_flags);
363
364 if (status != 0)
365 {
366 goto err;
367 }
368 }
369
370 if (ce->socks_proxy_server)
371 {
372 status =
374 if (status != 0)
375 {
376 goto err;
377 }
378 }
379
380 if (ce->bind_local)
381 {
383 flags &= ~GETADDR_RANDOMIZE;
384
385 for (int j = 0; j < ce->local_list->len; j++)
386 {
387 struct local_entry *le = ce->local_list->array[j];
388
389 if (!le->local)
390 {
391 continue;
392 }
393
394 status = do_preresolve_host(c, le->local, le->port, ce->af, flags);
395 if (status != 0)
396 {
397 goto err;
398 }
399 }
400 }
401 }
402 return;
403
404err:
405 throw_signal_soft(SIGHUP, "Preresolving failed");
406}
407
408static int
410{
411#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
412 int val;
413 socklen_t len;
414
415 len = sizeof(val);
416 if (getsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&val, &len) == 0 && len == sizeof(val))
417 {
418 return val;
419 }
420#endif
421 return 0;
422}
423
424static void
426{
427#if defined(SOL_SOCKET) && defined(SO_SNDBUF)
428 if (setsockopt(sd, SOL_SOCKET, SO_SNDBUF, (void *)&size, sizeof(size)) != 0)
429 {
430 msg(M_WARN, "NOTE: setsockopt SO_SNDBUF=%d failed", size);
431 }
432#endif
433}
434
435static int
437{
438#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
439 int val;
440 socklen_t len;
441
442 len = sizeof(val);
443 if (getsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&val, &len) == 0 && len == sizeof(val))
444 {
445 return val;
446 }
447#endif
448 return 0;
449}
450
451static bool
453{
454#if defined(SOL_SOCKET) && defined(SO_RCVBUF)
455 if (setsockopt(sd, SOL_SOCKET, SO_RCVBUF, (void *)&size, sizeof(size)) != 0)
456 {
457 msg(M_WARN, "NOTE: setsockopt SO_RCVBUF=%d failed", size);
458 return false;
459 }
460 return true;
461#endif
462}
463
464void
465socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
466{
467 if (sbs)
468 {
469 const int sndbuf_old = socket_get_sndbuf(fd);
470 const int rcvbuf_old = socket_get_rcvbuf(fd);
471
472 if (sbs->sndbuf && (reduce_size || sndbuf_old < sbs->sndbuf))
473 {
474 socket_set_sndbuf(fd, sbs->sndbuf);
475 }
476
477 if (sbs->rcvbuf && (reduce_size || rcvbuf_old < sbs->rcvbuf))
478 {
479 socket_set_rcvbuf(fd, sbs->rcvbuf);
480 }
481
482 msg(D_OSBUF, "Socket Buffers: R=[%d->%d] S=[%d->%d]", rcvbuf_old, socket_get_rcvbuf(fd),
483 sndbuf_old, socket_get_sndbuf(fd));
484 }
485}
486
487/*
488 * Set other socket options
489 */
490
491static bool
493{
494#if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY))
495 if (setsockopt(sd, IPPROTO_TCP, TCP_NODELAY, (void *)&state, sizeof(state)) != 0)
496 {
497 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed", state);
498 return false;
499 }
500 else
501 {
502 dmsg(D_OSBUF, "Socket flags: TCP_NODELAY=%d succeeded", state);
503 return true;
504 }
505#else /* if defined(_WIN32) || (defined(IPPROTO_TCP) && defined(TCP_NODELAY)) */
506 msg(M_WARN, "NOTE: setsockopt TCP_NODELAY=%d failed (No kernel support)", state);
507 return false;
508#endif
509}
510
511static inline void
513{
514#if defined(TARGET_LINUX) && HAVE_DECL_SO_MARK
515 if (mark && setsockopt(sd, SOL_SOCKET, SO_MARK, (void *)&mark, sizeof(mark)) != 0)
516 {
517 msg(M_WARN, "NOTE: setsockopt SO_MARK=%d failed", mark);
518 }
519#endif
520}
521
522static bool
523socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
524{
525 /* SF_TCP_NODELAY doesn't make sense for dco-win */
526 if ((sockflags & SF_TCP_NODELAY) && (!(sockflags & SF_DCO_WIN)))
527 {
528 return socket_set_tcp_nodelay(sd, 1);
529 }
530 else
531 {
532 return true;
533 }
534}
535
536bool
537link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
538{
539 if (sock && socket_defined(sock->sd))
540 {
541 sock->sockflags |= sockflags;
542 return socket_set_flags(sock->sd, sock->sockflags);
543 }
544 else
545 {
546 return false;
547 }
548}
549
550void
551link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
552{
553 if (sock && socket_defined(sock->sd))
554 {
555 sock->socket_buffer_sizes.sndbuf = sndbuf;
556 sock->socket_buffer_sizes.rcvbuf = rcvbuf;
557 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
558 }
559}
560
561/*
562 * SOCKET INITIALIZATION CODE.
563 * Create a TCP/UDP socket
564 */
565
567create_socket_tcp(struct addrinfo *addrinfo)
568{
570
571 ASSERT(addrinfo);
572 ASSERT(addrinfo->ai_socktype == SOCK_STREAM);
573
574 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol)) < 0)
575 {
576 msg(M_ERR, "Cannot create TCP socket");
577 }
578
579#ifndef _WIN32 /* using SO_REUSEADDR on Windows will cause bind to succeed on port conflicts! */
580 /* set SO_REUSEADDR on socket */
581 {
582 int on = 1;
583 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)) < 0)
584 {
585 msg(M_ERR, "TCP: Cannot setsockopt SO_REUSEADDR on TCP socket");
586 }
587 }
588#endif
589
590 /* set socket file descriptor to not pass across execs, so that
591 * scripts don't have access to it */
592 set_cloexec(sd);
593
594 return sd;
595}
596
598create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
599{
601
602 ASSERT(addrinfo);
603 ASSERT(addrinfo->ai_socktype == SOCK_DGRAM);
604
605 if ((sd = socket(addrinfo->ai_family, addrinfo->ai_socktype, addrinfo->ai_protocol)) < 0)
606 {
607 msg(M_ERR, "UDP: Cannot create UDP/UDP6 socket");
608 }
609#if ENABLE_IP_PKTINFO
610 else if (flags & SF_USE_IP_PKTINFO)
611 {
612 int pad = 1;
613 if (addrinfo->ai_family == AF_INET)
614 {
615#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
616 if (setsockopt(sd, SOL_IP, IP_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
617 {
618 msg(M_ERR, "UDP: failed setsockopt for IP_PKTINFO");
619 }
620#elif defined(IP_RECVDSTADDR)
621 if (setsockopt(sd, IPPROTO_IP, IP_RECVDSTADDR, (void *)&pad, sizeof(pad)) < 0)
622 {
623 msg(M_ERR, "UDP: failed setsockopt for IP_RECVDSTADDR");
624 }
625#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
626#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
627#endif
628 }
629 else if (addrinfo->ai_family == AF_INET6)
630 {
631#ifndef IPV6_RECVPKTINFO /* Some older Darwin platforms require this */
632 if (setsockopt(sd, IPPROTO_IPV6, IPV6_PKTINFO, (void *)&pad, sizeof(pad)) < 0)
633#else
634 if (setsockopt(sd, IPPROTO_IPV6, IPV6_RECVPKTINFO, (void *)&pad, sizeof(pad)) < 0)
635#endif
636 {
637 msg(M_ERR, "UDP: failed setsockopt for IPV6_RECVPKTINFO");
638 }
639 }
640 }
641#endif /* if ENABLE_IP_PKTINFO */
642
643 /* set socket file descriptor to not pass across execs, so that
644 * scripts don't have access to it */
645 set_cloexec(sd);
646
647 return sd;
648}
649
650static void
651bind_local(struct link_socket *sock, const sa_family_t ai_family)
652{
653 /* bind to local address/port */
654 if (sock->bind_local)
655 {
656 if (sock->socks_proxy && sock->info.proto == PROTO_UDP)
657 {
658 socket_bind(sock->ctrl_sd, sock->info.lsa->bind_local, ai_family, "SOCKS", false);
659 }
660 else
661 {
662 socket_bind(sock->sd, sock->info.lsa->bind_local, ai_family, "TCP/UDP",
663 sock->info.bind_ipv6_only);
664 }
665 }
666}
667
668static void
669create_socket(struct link_socket *sock, struct addrinfo *addr)
670{
671 if (addr->ai_protocol == IPPROTO_UDP || addr->ai_socktype == SOCK_DGRAM)
672 {
673 sock->sd = create_socket_udp(addr, sock->sockflags);
675
676 /* Assume that control socket and data socket to the socks proxy
677 * are using the same IP family */
678 if (sock->socks_proxy)
679 {
680 /* Construct a temporary addrinfo to create the socket,
681 * currently resolve two remote addresses is not supported,
682 * TODO: Rewrite the whole resolve_remote */
683 struct addrinfo addrinfo_tmp = *addr;
684 addrinfo_tmp.ai_socktype = SOCK_STREAM;
685 addrinfo_tmp.ai_protocol = IPPROTO_TCP;
686 sock->ctrl_sd = create_socket_tcp(&addrinfo_tmp);
687 }
688 }
689 else if (addr->ai_protocol == IPPROTO_TCP || addr->ai_socktype == SOCK_STREAM)
690 {
691 sock->sd = create_socket_tcp(addr);
692 }
693 else
694 {
695 ASSERT(0);
696 }
697 /* Set af field of sock->info, so it always reflects the address family
698 * of the created socket */
699 sock->info.af = addr->ai_family;
700
701 /* set socket buffers based on --sndbuf and --rcvbuf options */
702 socket_set_buffers(sock->sd, &sock->socket_buffer_sizes, true);
703
704 /* set socket to --mark packets with given value */
705 socket_set_mark(sock->sd, sock->mark);
706
707#if defined(TARGET_LINUX)
708 if (sock->bind_dev)
709 {
710 msg(M_INFO, "Using bind-dev %s", sock->bind_dev);
711 if (setsockopt(sock->sd, SOL_SOCKET, SO_BINDTODEVICE, sock->bind_dev,
712 strlen(sock->bind_dev) + 1)
713 != 0)
714 {
715 msg(M_WARN | M_ERRNO, "WARN: setsockopt SO_BINDTODEVICE=%s failed", sock->bind_dev);
716 }
717 }
718#endif
719
720 bind_local(sock, addr->ai_family);
721}
722
723#ifdef TARGET_ANDROID
724static void
725protect_fd_nonlocal(int fd, const struct sockaddr *addr)
726{
727 if (!management)
728 {
729 msg(M_FATAL, "Required management interface not available.");
730 }
731
732 /* pass socket FD to management interface to pass on to VPNService API
733 * as "protected socket" (exempt from being routed into tunnel)
734 */
735 if (addr_local(addr))
736 {
737 msg(D_SOCKET_DEBUG, "Address is local, not protecting socket fd %d", fd);
738 return;
739 }
740
741 msg(D_SOCKET_DEBUG, "Protecting socket fd %d", fd);
742 management->connection.fdtosend = fd;
743 management_android_control(management, "PROTECTFD", __func__);
744}
745#endif
746
747/*
748 * Functions used for establishing a TCP stream connection.
749 */
750static void
751socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen,
752 bool do_set_nonblock)
753{
754 struct gc_arena gc = gc_new();
755 if (do_listen)
756 {
757 ASSERT(local);
758 msg(M_INFO, "Listening for incoming TCP connection on %s",
759 print_sockaddr(local->ai_addr, &gc));
760 if (listen(sd, 32))
761 {
762 msg(M_ERR, "TCP: listen() failed");
763 }
764 }
765
766 /* set socket to non-blocking mode */
767 if (do_set_nonblock)
768 {
769 set_nonblock(sd);
770 }
771
772 gc_free(&gc);
773}
774
776socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
777{
778 /* af_addr_size WILL return 0 in this case if AFs other than AF_INET
779 * are compiled because act is empty here.
780 * could use getsockname() to support later remote_len check
781 */
782 socklen_t remote_len_af = af_addr_size(act->dest.addr.sa.sa_family);
783 socklen_t remote_len = sizeof(act->dest.addr);
785
786 CLEAR(*act);
787
788 if (nowait)
789 {
790 new_sd = getpeername(sd, &act->dest.addr.sa, &remote_len);
791
792 if (!socket_defined(new_sd))
793 {
794 msg(D_LINK_ERRORS | M_ERRNO, "TCP: getpeername() failed");
795 }
796 else
797 {
798 new_sd = sd;
799 }
800 }
801 else
802 {
803 new_sd = accept(sd, &act->dest.addr.sa, &remote_len);
804 }
805
806#if 0 /* For debugging only, test the effect of accept() failures */
807 {
808 static int foo = 0;
809 ++foo;
810 if (foo & 1)
811 {
812 new_sd = -1;
813 }
814 }
815#endif
816
817 if (!socket_defined(new_sd))
818 {
819 msg(D_LINK_ERRORS | M_ERRNO, "TCP: accept(%d) failed", (int)sd);
820 }
821 /* only valid if we have remote_len_af!=0 */
822 else if (remote_len_af && remote_len != remote_len_af)
823 {
825 "TCP: Received strange incoming connection with unknown address length=%d", remote_len);
826 openvpn_close_socket(new_sd);
827 new_sd = SOCKET_UNDEFINED;
828 }
829 else
830 {
831 /* set socket file descriptor to not pass across execs, so that
832 * scripts don't have access to it */
833 set_cloexec(sd);
834 }
835 return new_sd;
836}
837
838static void
840{
841 struct gc_arena gc = gc_new();
842 msg(M_INFO, "TCP connection established with %s", print_link_socket_actual(act, &gc));
843 gc_free(&gc);
844}
845
848 const char *remote_dynamic, const struct addrinfo *local, bool do_listen,
849 bool nowait, volatile int *signal_received)
850{
851 struct gc_arena gc = gc_new();
852 /* struct openvpn_sockaddr *remote = &act->dest; */
853 struct openvpn_sockaddr remote_verify = act->dest;
855
856 CLEAR(*act);
857 socket_do_listen(sd, local, do_listen, true);
858
859 while (true)
860 {
861 int status;
862 fd_set reads;
863 struct timeval tv;
864
865 FD_ZERO(&reads);
866 openvpn_fd_set(sd, &reads);
867 tv.tv_sec = 0;
868 tv.tv_usec = 0;
869
870 status = select(sd + 1, &reads, NULL, NULL, &tv);
871
872 get_signal(signal_received);
873 if (*signal_received)
874 {
875 gc_free(&gc);
876 return sd;
877 }
878
879 if (status < 0)
880 {
881 msg(D_LINK_ERRORS | M_ERRNO, "TCP: select() failed");
882 }
883
884 if (status <= 0)
885 {
887 continue;
888 }
889
890 new_sd = socket_do_accept(sd, act, nowait);
891
892 if (socket_defined(new_sd))
893 {
894 struct addrinfo *ai = NULL;
895 if (remote_dynamic)
896 {
897 openvpn_getaddrinfo(0, remote_dynamic, NULL, 1, NULL,
898 remote_verify.addr.sa.sa_family, &ai);
899 }
900
901 if (ai && !addrlist_match(&remote_verify, ai))
902 {
903 msg(M_WARN, "TCP NOTE: Rejected connection attempt from %s due to --remote setting",
905 if (openvpn_close_socket(new_sd))
906 {
907 msg(M_ERR, "TCP: close socket failed (new_sd)");
908 }
909 freeaddrinfo(ai);
910 }
911 else
912 {
913 if (ai)
914 {
915 freeaddrinfo(ai);
916 }
917 break;
918 }
919 }
921 }
922
923 if (!nowait && openvpn_close_socket(sd))
924 {
925 msg(M_ERR, "TCP: close socket failed (sd)");
926 }
927
929
930 gc_free(&gc);
931 return new_sd;
932}
933
934void
935socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix,
936 bool ipv6only)
937{
938 struct gc_arena gc = gc_new();
939
940 /* FIXME (schwabe)
941 * getaddrinfo for the bind address might return multiple AF_INET/AF_INET6
942 * entries for the requested protocol.
943 * For example if an address has multiple A records
944 * What is the correct way to deal with it?
945 */
946
947 struct addrinfo *cur;
948
949 ASSERT(local);
950
951
952 /* find the first addrinfo with correct ai_family */
953 for (cur = local; cur; cur = cur->ai_next)
954 {
955 if (cur->ai_family == ai_family)
956 {
957 break;
958 }
959 }
960 if (!cur)
961 {
962 msg(M_FATAL, "%s: Socket bind failed: Addr to bind has no %s record", prefix,
963 addr_family_name(ai_family));
964 }
965
966 if (ai_family == AF_INET6)
967 {
968 int v6only = ipv6only ? 1 : 0; /* setsockopt must have an "int" */
969
970 msg(M_INFO, "setsockopt(IPV6_V6ONLY=%d)", v6only);
971 if (setsockopt(sd, IPPROTO_IPV6, IPV6_V6ONLY, (void *)&v6only, sizeof(v6only)))
972 {
973 msg(M_NONFATAL | M_ERRNO, "Setting IPV6_V6ONLY=%d failed", v6only);
974 }
975 }
976 if (bind(sd, cur->ai_addr, cur->ai_addrlen))
977 {
978 msg(M_FATAL | M_ERRNO, "%s: Socket bind failed on local address %s", prefix,
979 print_sockaddr_ex(local->ai_addr, ":", PS_SHOW_PORT, &gc));
980 }
981 gc_free(&gc);
982}
983
984int
985openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout,
986 volatile int *signal_received)
987{
988 int status = 0;
989
990#ifdef TARGET_ANDROID
991 protect_fd_nonlocal(sd, remote);
992#endif
993 set_nonblock(sd);
994 status = connect(sd, remote, af_addr_size(remote->sa_family));
995 if (status)
996 {
998 }
999 if (
1000#ifdef _WIN32
1001 status == WSAEWOULDBLOCK
1002#else
1003 status == EINPROGRESS
1004#endif
1005 )
1006 {
1007 while (true)
1008 {
1009#if POLL
1010 struct pollfd fds[1];
1011 fds[0].fd = sd;
1012 fds[0].events = POLLOUT;
1013 status = poll(fds, 1, (connect_timeout > 0) ? 1000 : 0);
1014#else
1015 fd_set writes;
1016 struct timeval tv;
1017
1018 FD_ZERO(&writes);
1019 openvpn_fd_set(sd, &writes);
1020 tv.tv_sec = (connect_timeout > 0) ? 1 : 0;
1021 tv.tv_usec = 0;
1022
1023 status = select(sd + 1, NULL, &writes, NULL, &tv);
1024#endif
1025 if (signal_received)
1026 {
1027 get_signal(signal_received);
1028 if (*signal_received)
1029 {
1030 status = 0;
1031 break;
1032 }
1033 }
1034 if (status < 0)
1035 {
1037 break;
1038 }
1039 if (status <= 0)
1040 {
1041 if (--connect_timeout < 0)
1042 {
1043#ifdef _WIN32
1044 status = WSAETIMEDOUT;
1045#else
1046 status = ETIMEDOUT;
1047#endif
1048 break;
1049 }
1051 continue;
1052 }
1053
1054 /* got it */
1055 {
1056 int val = 0;
1057 socklen_t len;
1058
1059 len = sizeof(val);
1060 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, (void *)&val, &len) == 0
1061 && len == sizeof(val))
1062 {
1063 status = val;
1064 }
1065 else
1066 {
1068 }
1069 break;
1070 }
1071 }
1072 }
1073
1074 return status;
1075}
1076
1077void
1078set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
1079{
1080 CLEAR(*actual);
1081 ASSERT(ai);
1082
1083 if (ai->ai_family == AF_INET)
1084 {
1085 actual->dest.addr.in4 = *((struct sockaddr_in *)ai->ai_addr);
1086 }
1087 else if (ai->ai_family == AF_INET6)
1088 {
1089 actual->dest.addr.in6 = *((struct sockaddr_in6 *)ai->ai_addr);
1090 }
1091 else
1092 {
1093 ASSERT(0);
1094 }
1095}
1096
1097static void
1098socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout,
1099 struct signal_info *sig_info)
1100{
1101 struct gc_arena gc = gc_new();
1102 int status;
1103
1104 msg(M_INFO, "Attempting to establish TCP connection with %s", print_sockaddr(dest, &gc));
1105
1106#ifdef ENABLE_MANAGEMENT
1107 if (management)
1108 {
1109 management_set_state(management, OPENVPN_STATE_TCP_CONNECT, NULL, NULL, NULL, NULL, NULL);
1110 }
1111#endif
1112
1113 /* Set the actual address */
1114 status = openvpn_connect(*sd, dest, connect_timeout, &sig_info->signal_received);
1115
1116 get_signal(&sig_info->signal_received);
1117 if (sig_info->signal_received)
1118 {
1119 goto done;
1120 }
1121
1122 if (status)
1123 {
1124 msg(D_LINK_ERRORS, "TCP: connect to %s failed: %s", print_sockaddr(dest, &gc),
1125 strerror(status));
1126
1128 *sd = SOCKET_UNDEFINED;
1129 register_signal(sig_info, SIGUSR1, "connection-failed");
1130 }
1131 else
1132 {
1133 msg(M_INFO, "TCP connection established with %s", print_sockaddr(dest, &gc));
1134 }
1135
1136done:
1137 gc_free(&gc);
1138}
1139
1140/*
1141 * Stream buffer handling prototypes -- stream_buf is a helper class
1142 * to assist in the packetization of stream transport protocols
1143 * such as TCP.
1144 */
1145
1146static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
1147 const int proto);
1148
1149static void stream_buf_close(struct stream_buf *sb);
1150
1151static bool stream_buf_added(struct stream_buf *sb, int length_added);
1152
1153/* For stream protocols, allocate a buffer to build up packet.
1154 * Called after frame has been finalized. */
1155
1156static void
1157socket_frame_init(const struct frame *frame, struct link_socket *sock)
1158{
1159#ifdef _WIN32
1160 overlapped_io_init(&sock->reads, frame, FALSE);
1161 overlapped_io_init(&sock->writes, frame, TRUE);
1162 sock->rw_handle.read = sock->reads.overlapped.hEvent;
1163 sock->rw_handle.write = sock->writes.overlapped.hEvent;
1164#endif
1165
1167 {
1168#ifdef _WIN32
1169 stream_buf_init(&sock->stream_buf, &sock->reads.buf_init, sock->sockflags,
1170 sock->info.proto);
1171#else
1173
1175 sock->info.proto);
1176#endif
1177 }
1178}
1179
1180static void
1182{
1183 struct gc_arena gc = gc_new();
1184
1185 /* resolve local address if undefined */
1186 if (!sock->info.lsa->bind_local)
1187 {
1189 int status;
1190
1191 if (proto_is_dgram(sock->info.proto))
1192 {
1193 flags |= GETADDR_DATAGRAM;
1194 }
1195
1196 /* will return AF_{INET|INET6}from local_host */
1197 status = get_cached_dns_entry(sock->dns_cache, sock->local_host, sock->local_port, af,
1198 flags, &sock->info.lsa->bind_local);
1199
1200 if (status)
1201 {
1202 status = openvpn_getaddrinfo(flags, sock->local_host, sock->local_port, 0, NULL, af,
1203 &sock->info.lsa->bind_local);
1204 }
1205
1206 if (status != 0)
1207 {
1208 msg(M_FATAL, "getaddrinfo() failed for local \"%s:%s\": %s", sock->local_host,
1209 sock->local_port, gai_strerror(status));
1210 }
1211
1212 /* the address family returned by openvpn_getaddrinfo() should be
1213 * taken into consideration only if we really passed an hostname
1214 * to resolve. Otherwise its value is not useful to us and may
1215 * actually break our socket, i.e. when it returns AF_INET
1216 * but our remote is v6 only.
1217 */
1218 if (sock->local_host)
1219 {
1220 /* the resolved 'local entry' might have a different family than
1221 * what was globally configured
1222 */
1223 sock->info.af = sock->info.lsa->bind_local->ai_family;
1224 }
1225 }
1226
1227 gc_free(&gc);
1228}
1229
1230static void
1231resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic,
1232 struct signal_info *sig_info)
1233{
1234 volatile int *signal_received = sig_info ? &sig_info->signal_received : NULL;
1235 struct gc_arena gc = gc_new();
1236
1237 /* resolve remote address if undefined */
1238 if (!sock->info.lsa->remote_list)
1239 {
1240 if (sock->remote_host)
1241 {
1242 unsigned int flags =
1244 int retry = 0;
1245 int status = -1;
1246 struct addrinfo *ai;
1247 if (proto_is_dgram(sock->info.proto))
1248 {
1249 flags |= GETADDR_DATAGRAM;
1250 }
1251
1253 {
1254 if (phase == 2)
1255 {
1256 flags |= (GETADDR_TRY_ONCE | GETADDR_FATAL);
1257 }
1258 retry = 0;
1259 }
1260 else if (phase == 1)
1261 {
1262 if (sock->resolve_retry_seconds)
1263 {
1264 retry = 0;
1265 }
1266 else
1267 {
1269 retry = 0;
1270 }
1271 }
1272 else if (phase == 2)
1273 {
1274 if (sock->resolve_retry_seconds)
1275 {
1276 flags |= GETADDR_FATAL;
1277 retry = sock->resolve_retry_seconds;
1278 }
1279 else
1280 {
1281 ASSERT(0);
1282 }
1283 }
1284 else
1285 {
1286 ASSERT(0);
1287 }
1288
1289
1291 sock->info.af, flags, &ai);
1292 if (status)
1293 {
1294 status = openvpn_getaddrinfo(flags, sock->remote_host, sock->remote_port, retry,
1295 sig_info, sock->info.af, &ai);
1296 }
1297
1298 if (status == 0)
1299 {
1300 sock->info.lsa->remote_list = ai;
1301 sock->info.lsa->current_remote = ai;
1302
1303 dmsg(D_SOCKET_DEBUG, "RESOLVE_REMOTE flags=0x%04x phase=%d rrs=%d sig=%d status=%d",
1304 flags, phase, retry, signal_received ? *signal_received : -1, status);
1305 }
1306 if (signal_received && *signal_received)
1307 {
1308 goto done;
1309 }
1310 if (status != 0)
1311 {
1312 if (signal_received)
1313 {
1314 /* potential overwrite of signal */
1315 register_signal(sig_info, SIGUSR1, "socks-resolve-failure");
1316 }
1317 goto done;
1318 }
1319 }
1320 }
1321
1322 /* should we re-use previous active remote address? */
1324 {
1325 msg(M_INFO, "TCP/UDP: Preserving recently used remote address: %s",
1327 if (remote_dynamic)
1328 {
1329 *remote_dynamic = NULL;
1330 }
1331 }
1332 else
1333 {
1334 CLEAR(sock->info.lsa->actual);
1335 if (sock->info.lsa->current_remote)
1336 {
1338 }
1339 }
1340
1341done:
1342 gc_free(&gc);
1343}
1344
1345
1346struct link_socket *
1348{
1349 struct link_socket *sock;
1350
1351 ALLOC_OBJ_CLEAR(sock, struct link_socket);
1352 sock->sd = SOCKET_UNDEFINED;
1353 sock->ctrl_sd = SOCKET_UNDEFINED;
1355 sock->ev_arg.u.sock = sock;
1356
1357 return sock;
1358}
1359
1360void
1361link_socket_init_phase1(struct context *c, int sock_index, int mode)
1362{
1363 struct link_socket *sock = c->c2.link_sockets[sock_index];
1364 struct options *o = &c->options;
1365 ASSERT(sock);
1366
1367 const char *host = o->ce.local_list->array[sock_index]->local;
1368 const char *port = o->ce.local_list->array[sock_index]->port;
1369 int proto = o->ce.local_list->array[sock_index]->proto;
1370 const char *remote_host = o->ce.remote;
1371 const char *remote_port = o->ce.remote_port;
1372
1373 if (remote_host)
1374 {
1375 proto = o->ce.proto;
1376 }
1377
1378 if (c->mode == CM_CHILD_TCP || c->mode == CM_CHILD_UDP)
1379 {
1380 struct link_socket *tmp_sock = NULL;
1381 if (c->mode == CM_CHILD_TCP)
1382 {
1383 tmp_sock = (struct link_socket *)c->c2.accept_from;
1384 }
1385 else if (c->mode == CM_CHILD_UDP)
1386 {
1387 tmp_sock = c->c2.link_sockets[0];
1388 }
1389
1390 host = tmp_sock->local_host;
1391 port = tmp_sock->local_port;
1392 proto = tmp_sock->info.proto;
1393 }
1394
1395 sock->local_host = host;
1396 sock->local_port = port;
1397 sock->remote_host = remote_host;
1398 sock->remote_port = remote_port;
1399 sock->dns_cache = c->c1.dns_cache;
1400 sock->http_proxy = c->c1.http_proxy;
1401 sock->socks_proxy = c->c1.socks_proxy;
1402 sock->bind_local = o->ce.bind_local;
1405
1406#ifdef ENABLE_DEBUG
1407 sock->gremlin = o->gremlin;
1408#endif
1409
1412
1413 sock->sockflags = o->sockflags;
1414
1415#if PORT_SHARE
1416 if (o->port_share_host && o->port_share_port)
1417 {
1418 sock->sockflags |= SF_PORT_SHARE;
1419 }
1420#endif
1421
1422 sock->mark = o->mark;
1423 sock->bind_dev = o->bind_dev;
1424 sock->info.proto = proto;
1425 sock->info.af = o->ce.af;
1426 sock->info.remote_float = o->ce.remote_float;
1427 sock->info.lsa = &c->c1.link_socket_addrs[sock_index];
1429 sock->info.ipchange_command = o->ipchange;
1430 sock->info.plugins = c->plugins;
1432
1433 sock->mode = mode;
1435 {
1436 ASSERT(c->c2.accept_from);
1438 sock->sd = c->c2.accept_from->sd;
1439 /* inherit (possibly guessed) info AF from parent context */
1440 sock->info.af = c->c2.accept_from->info.af;
1441 }
1442
1443 /* are we running in HTTP proxy mode? */
1444 if (sock->http_proxy)
1445 {
1447
1448 /* the proxy server */
1450 sock->remote_port = c->c1.http_proxy->options.port;
1451
1452 /* the OpenVPN server we will use the proxy to connect to */
1455 }
1456 /* or in Socks proxy mode? */
1457 else if (sock->socks_proxy)
1458 {
1459 /* the proxy server */
1460 sock->remote_host = c->c1.socks_proxy->server;
1461 sock->remote_port = c->c1.socks_proxy->port;
1462
1463 /* the OpenVPN server we will use the proxy to connect to */
1466 }
1467 else
1468 {
1469 sock->remote_host = remote_host;
1470 sock->remote_port = remote_port;
1471 }
1472
1473 /* bind behavior for TCP server vs. client */
1474 if (sock->info.proto == PROTO_TCP_SERVER)
1475 {
1476 if (sock->mode == LS_MODE_TCP_ACCEPT_FROM)
1477 {
1478 sock->bind_local = false;
1479 }
1480 else
1481 {
1482 sock->bind_local = true;
1483 }
1484 }
1485
1487 {
1488 if (sock->bind_local)
1489 {
1490 resolve_bind_local(sock, sock->info.af);
1491 }
1492 resolve_remote(sock, 1, NULL, NULL);
1493 }
1494}
1495
1496static void
1498{
1499 /* set misc socket parameters */
1500 socket_set_flags(sock->sd, sock->sockflags);
1501
1502 /* set socket to non-blocking mode */
1503 set_nonblock(sock->sd);
1504
1505 /* set Path MTU discovery options on the socket */
1506 set_mtu_discover_type(sock->sd, sock->mtu_discover_type, sock->info.af);
1507
1508#if EXTENDED_SOCKET_ERROR_CAPABILITY
1509 /* if the OS supports it, enable extended error passing on the socket */
1510 set_sock_extended_error_passing(sock->sd, sock->info.af);
1511#endif
1512}
1513
1514
1515static void
1517{
1518 struct gc_arena gc = gc_new();
1519 const int msglevel = (sock->mode == LS_MODE_TCP_ACCEPT_FROM) ? D_INIT_MEDIUM : M_INFO;
1520
1521 /* print local address */
1522 if (sock->bind_local)
1523 {
1524 sa_family_t ai_family = sock->info.lsa->actual.dest.addr.sa.sa_family;
1525 /* Socket is always bound on the first matching address,
1526 * For bound sockets with no remote addr this is the element of
1527 * the list */
1528 struct addrinfo *cur;
1529 for (cur = sock->info.lsa->bind_local; cur; cur = cur->ai_next)
1530 {
1531 if (!ai_family || ai_family == cur->ai_family)
1532 {
1533 break;
1534 }
1535 }
1536 ASSERT(cur);
1537 msg(msglevel, "%s link local (bound): %s",
1538 proto2ascii(sock->info.proto, sock->info.af, true), print_sockaddr(cur->ai_addr, &gc));
1539 }
1540 else
1541 {
1542 msg(msglevel, "%s link local: (not bound)",
1543 proto2ascii(sock->info.proto, sock->info.af, true));
1544 }
1545
1546 /* print active remote address */
1547 msg(msglevel, "%s link remote: %s", proto2ascii(sock->info.proto, sock->info.af, true),
1549 gc_free(&gc);
1550}
1551
1552static void
1553phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic,
1554 struct signal_info *sig_info)
1555{
1556 ASSERT(sig_info);
1557 volatile int *signal_received = &sig_info->signal_received;
1558 switch (sock->mode)
1559 {
1560 case LS_MODE_DEFAULT:
1561 sock->sd =
1562 socket_listen_accept(sock->sd, &sock->info.lsa->actual, remote_dynamic,
1563 sock->info.lsa->bind_local, true, false, signal_received);
1564 break;
1565
1566 case LS_MODE_TCP_LISTEN:
1567 socket_do_listen(sock->sd, sock->info.lsa->bind_local, true, false);
1568 break;
1569
1571 sock->sd = socket_do_accept(sock->sd, &sock->info.lsa->actual, false);
1572 if (!socket_defined(sock->sd))
1573 {
1574 register_signal(sig_info, SIGTERM, "socket-undefined");
1575 return;
1576 }
1578 break;
1579
1580 default:
1581 ASSERT(0);
1582 }
1583}
1584
1585
1586static void
1587phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
1588{
1589 bool proxy_retry = false;
1590 do
1591 {
1592 socket_connect(&sock->sd, sock->info.lsa->current_remote->ai_addr,
1594
1595 if (sig_info->signal_received)
1596 {
1597 return;
1598 }
1599
1600 if (sock->http_proxy)
1601 {
1602 proxy_retry = establish_http_proxy_passthru(
1603 sock->http_proxy, sock->sd, sock->proxy_dest_host, sock->proxy_dest_port,
1604 sock->server_poll_timeout, &sock->stream_buf.residual, sig_info);
1605 }
1606 else if (sock->socks_proxy)
1607 {
1610 sig_info);
1611 }
1612 if (proxy_retry)
1613 {
1614 openvpn_close_socket(sock->sd);
1615 sock->sd = create_socket_tcp(sock->info.lsa->current_remote);
1616 }
1617
1618 } while (proxy_retry);
1619}
1620
1621static void
1622phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
1623{
1624 socket_connect(&sock->ctrl_sd, sock->info.lsa->current_remote->ai_addr,
1626
1627 if (sig_info->signal_received)
1628 {
1629 return;
1630 }
1631
1633 sock->server_poll_timeout, sig_info);
1634
1635 if (sig_info->signal_received)
1636 {
1637 return;
1638 }
1639
1640 sock->remote_host = sock->proxy_dest_host;
1641 sock->remote_port = sock->proxy_dest_port;
1642
1644 if (sock->info.lsa->remote_list)
1645 {
1646 freeaddrinfo(sock->info.lsa->remote_list);
1647 sock->info.lsa->current_remote = NULL;
1648 sock->info.lsa->remote_list = NULL;
1649 }
1650
1651 resolve_remote(sock, 1, NULL, sig_info);
1652}
1653
1654#if defined(_WIN32)
1655static void
1656create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
1657{
1658 /* in P2P mode we must have remote resolved at this point */
1659 struct addrinfo *remoteaddr = sock->info.lsa->current_remote;
1660 if ((c->options.mode == MODE_POINT_TO_POINT) && (!remoteaddr))
1661 {
1662 return;
1663 }
1664
1665 if (!c->c1.tuntap)
1666 {
1667 struct tuntap *tt;
1668 ALLOC_OBJ_CLEAR(tt, struct tuntap);
1669
1672
1673 const char *device_guid = NULL; /* not used */
1674 tun_open_device(tt, c->options.dev_node, &device_guid, &c->gc);
1675
1676 /* Ensure we can "safely" cast the handle to a socket */
1677 static_assert(sizeof(sock->sd) == sizeof(tt->hand), "HANDLE and SOCKET size differs");
1678
1679 c->c1.tuntap = tt;
1680 }
1681
1682 if (c->options.mode == MODE_SERVER)
1683 {
1684 dco_mp_start_vpn(c->c1.tuntap->hand, sock);
1685 }
1686 else
1687 {
1688 dco_p2p_new_peer(c->c1.tuntap->hand, &c->c1.tuntap->dco_new_peer_ov, sock, sig_info);
1689 }
1690 sock->sockflags |= SF_DCO_WIN;
1691
1692 if (sig_info->signal_received)
1693 {
1694 return;
1695 }
1696
1697 sock->sd = (SOCKET)c->c1.tuntap->hand;
1698 linksock_print_addr(sock);
1699}
1700#endif /* if defined(_WIN32) */
1701
1702/* finalize socket initialization */
1703void
1705{
1706 const struct frame *frame = &c->c2.frame;
1707 struct signal_info *sig_info = c->sig;
1708
1709 const char *remote_dynamic = NULL;
1710 struct signal_info sig_save = { 0 };
1711
1712 ASSERT(sock);
1713 ASSERT(sig_info);
1714
1715 if (sig_info->signal_received)
1716 {
1717 sig_save = *sig_info;
1718 sig_save.signal_received = signal_reset(sig_info, 0);
1719 }
1720
1721 /* initialize buffers */
1722 socket_frame_init(frame, sock);
1723
1724 /*
1725 * Pass a remote name to connect/accept so that
1726 * they can test for dynamic IP address changes
1727 * and throw a SIGUSR1 if appropriate.
1728 */
1729 if (sock->resolve_retry_seconds)
1730 {
1731 remote_dynamic = sock->remote_host;
1732 }
1733
1734 /* Second chance to resolv/create socket */
1735 resolve_remote(sock, 2, &remote_dynamic, sig_info);
1736
1737 /* If a valid remote has been found, create the socket with its addrinfo */
1738#if defined(_WIN32)
1739 if (dco_enabled(&c->options))
1740 {
1741 create_socket_dco_win(c, sock, sig_info);
1742 goto done;
1743 }
1744#endif
1745 if (sock->info.lsa->current_remote)
1746 {
1747 create_socket(sock, sock->info.lsa->current_remote);
1748 }
1749
1750 /* If socket has not already been created create it now */
1751 if (sock->sd == SOCKET_UNDEFINED)
1752 {
1753 /* If we have no --remote and have still not figured out the
1754 * protocol family to use we will use the first of the bind */
1755
1756 if (sock->bind_local && !sock->remote_host && sock->info.lsa->bind_local)
1757 {
1758 /* Warn if this is because neither v4 or v6 was specified
1759 * and we should not connect a remote */
1760 if (sock->info.af == AF_UNSPEC)
1761 {
1762 msg(M_WARN, "Could not determine IPv4/IPv6 protocol. Using %s",
1763 addr_family_name(sock->info.lsa->bind_local->ai_family));
1764 sock->info.af = sock->info.lsa->bind_local->ai_family;
1765 }
1766 create_socket(sock, sock->info.lsa->bind_local);
1767 }
1768 }
1769
1770 /* Socket still undefined, give a warning and abort connection */
1771 if (sock->sd == SOCKET_UNDEFINED)
1772 {
1773 msg(M_WARN, "Could not determine IPv4/IPv6 protocol");
1774 register_signal(sig_info, SIGUSR1, "Could not determine IPv4/IPv6 protocol");
1775 goto done;
1776 }
1777
1778 if (sig_info->signal_received)
1779 {
1780 goto done;
1781 }
1782
1783 if (sock->info.proto == PROTO_TCP_SERVER)
1784 {
1785 phase2_tcp_server(sock, remote_dynamic, sig_info);
1786 }
1787 else if (sock->info.proto == PROTO_TCP_CLIENT)
1788 {
1789 phase2_tcp_client(sock, sig_info);
1790 }
1791 else if (sock->info.proto == PROTO_UDP && sock->socks_proxy)
1792 {
1793 phase2_socks_client(sock, sig_info);
1794 }
1795#ifdef TARGET_ANDROID
1796 if (sock->sd != -1)
1797 {
1798 protect_fd_nonlocal(sock->sd, &sock->info.lsa->actual.dest.addr.sa);
1799 }
1800#endif
1801 if (sig_info->signal_received)
1802 {
1803 goto done;
1804 }
1805
1807 linksock_print_addr(sock);
1808
1809done:
1810 if (sig_save.signal_received)
1811 {
1812 /* Always restore the saved signal -- register/throw_signal will handle priority */
1813 if (sig_save.source == SIG_SOURCE_HARD && sig_info == &siginfo_static)
1814 {
1815 throw_signal(sig_save.signal_received);
1816 }
1817 else
1818 {
1819 register_signal(sig_info, sig_save.signal_received, sig_save.signal_text);
1820 }
1821 }
1822}
1823
1824void
1826{
1827 if (sock)
1828 {
1829#ifdef ENABLE_DEBUG
1830 const int gremlin = GREMLIN_CONNECTION_FLOOD_LEVEL(sock->gremlin);
1831#else
1832 const int gremlin = 0;
1833#endif
1834
1835 if (socket_defined(sock->sd))
1836 {
1837#ifdef _WIN32
1838 close_net_event_win32(&sock->listen_handle, sock->sd, 0);
1839#endif
1840 if (!gremlin)
1841 {
1842 msg(D_LOW, "TCP/UDP: Closing socket");
1843 if (openvpn_close_socket(sock->sd))
1844 {
1845 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket failed");
1846 }
1847 }
1848 sock->sd = SOCKET_UNDEFINED;
1849#ifdef _WIN32
1850 if (!gremlin)
1851 {
1852 overlapped_io_close(&sock->reads);
1854 }
1855#endif
1856 }
1857
1858 if (socket_defined(sock->ctrl_sd))
1859 {
1860 if (openvpn_close_socket(sock->ctrl_sd))
1861 {
1862 msg(M_WARN | M_ERRNO, "TCP/UDP: Close Socket (ctrl_sd) failed");
1863 }
1864 sock->ctrl_sd = SOCKET_UNDEFINED;
1865 }
1866
1868 free_buf(&sock->stream_buf_data);
1869 if (!gremlin)
1870 {
1871 free(sock);
1872 }
1873 }
1874}
1875
1876void
1877setenv_trusted(struct env_set *es, const struct link_socket_info *info)
1878{
1879 setenv_link_socket_actual(es, "trusted", &info->lsa->actual, SA_IP_PORT);
1880}
1881
1882static void
1883ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info,
1884 struct gc_arena *gc)
1885{
1886 const char *host = print_sockaddr_ex(&info->lsa->actual.dest.addr.sa, " ", PS_SHOW_PORT, gc);
1887 if (include_cmd)
1888 {
1890 argv_printf_cat(argv, "%s", host);
1891 }
1892 else
1893 {
1894 argv_printf(argv, "%s", host);
1895 }
1896}
1897
1898void
1900 const struct link_socket_actual *act, const char *common_name,
1901 struct env_set *es)
1902{
1903 struct gc_arena gc = gc_new();
1904
1905 info->lsa->actual = *act; /* Note: skip this line for --force-dest */
1906 setenv_trusted(es, info);
1907 info->connection_established = true;
1908
1909 /* Print connection initiated message, with common name if available */
1910 {
1911 struct buffer out = alloc_buf_gc(256, &gc);
1912 if (common_name)
1913 {
1914 buf_printf(&out, "[%s] ", common_name);
1915 }
1916 buf_printf(&out, "Peer Connection Initiated with %s",
1918 msg(M_INFO, "%s", BSTR(&out));
1919 }
1920
1921 /* set environmental vars */
1922 setenv_str(es, "common_name", common_name);
1923
1924 /* Process --ipchange plugin */
1926 {
1927 struct argv argv = argv_new();
1928 ipchange_fmt(false, &argv, info, &gc);
1929 if (plugin_call(info->plugins, OPENVPN_PLUGIN_IPCHANGE, &argv, NULL, es)
1930 != OPENVPN_PLUGIN_FUNC_SUCCESS)
1931 {
1932 msg(M_WARN, "WARNING: ipchange plugin call failed");
1933 }
1934 argv_free(&argv);
1935 }
1936
1937 /* Process --ipchange option */
1938 if (info->ipchange_command)
1939 {
1940 struct argv argv = argv_new();
1941 setenv_str(es, "script_type", "ipchange");
1942 ipchange_fmt(true, &argv, info, &gc);
1943 openvpn_run_script(&argv, es, 0, "--ipchange");
1944 argv_free(&argv);
1945 }
1946
1947 gc_free(&gc);
1948}
1949
1950void
1952 const struct link_socket_actual *from_addr)
1953{
1954 struct gc_arena gc = gc_new();
1955 struct addrinfo *ai;
1956
1957 switch (from_addr->dest.addr.sa.sa_family)
1958 {
1959 case AF_INET:
1960 case AF_INET6:
1962 "TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)",
1963 print_link_socket_actual(from_addr, &gc), (int)from_addr->dest.addr.sa.sa_family,
1964 print_sockaddr_ex(info->lsa->remote_list->ai_addr, ":", PS_SHOW_PORT, &gc));
1965 /* print additional remote addresses */
1966 for (ai = info->lsa->remote_list->ai_next; ai; ai = ai->ai_next)
1967 {
1968 msg(D_LINK_ERRORS, "or from peer address: %s",
1969 print_sockaddr_ex(ai->ai_addr, ":", PS_SHOW_PORT, &gc));
1970 }
1971 break;
1972 }
1973 buf->len = 0;
1974 gc_free(&gc);
1975}
1976
1977void
1979{
1980 dmsg(D_READ_WRITE, "TCP/UDP: No outgoing address to send packet");
1981}
1982
1983in_addr_t
1985{
1986 const struct link_socket_addr *lsa = info->lsa;
1987
1988 /*
1989 * This logic supports "redirect-gateway" semantic, which
1990 * makes sense only for PF_INET routes over PF_INET endpoints
1991 *
1992 * Maybe in the future consider PF_INET6 endpoints also ...
1993 * by now just ignore it
1994 *
1995 * For --remote entries with multiple addresses this
1996 * only return the actual endpoint we have successfully connected to
1997 */
1998 if (lsa->actual.dest.addr.sa.sa_family != AF_INET)
1999 {
2000 return IPV4_INVALID_ADDR;
2001 }
2002
2004 {
2005 return ntohl(lsa->actual.dest.addr.in4.sin_addr.s_addr);
2006 }
2007 else if (lsa->current_remote)
2008 {
2009 return ntohl(((struct sockaddr_in *)lsa->current_remote->ai_addr)->sin_addr.s_addr);
2010 }
2011 else
2012 {
2013 return 0;
2014 }
2015}
2016
2017const struct in6_addr *
2019{
2020 const struct link_socket_addr *lsa = info->lsa;
2021
2022 /* This logic supports "redirect-gateway" semantic,
2023 * for PF_INET6 routes over PF_INET6 endpoints
2024 *
2025 * For --remote entries with multiple addresses this
2026 * only return the actual endpoint we have successfully connected to
2027 */
2028 if (lsa->actual.dest.addr.sa.sa_family != AF_INET6)
2029 {
2030 return NULL;
2031 }
2032
2034 {
2035 return &(lsa->actual.dest.addr.in6.sin6_addr);
2036 }
2037 else if (lsa->current_remote)
2038 {
2039 return &(((struct sockaddr_in6 *)lsa->current_remote->ai_addr)->sin6_addr);
2040 }
2041 else
2042 {
2043 return NULL;
2044 }
2045}
2046
2047/*
2048 * Return a status string describing socket state.
2049 */
2050const char *
2051socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
2052{
2053 struct buffer out = alloc_buf_gc(64, gc);
2054 if (s)
2055 {
2056 if (rwflags & EVENT_READ)
2057 {
2058 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_READ) ? "R" : "r");
2059#ifdef _WIN32
2060 buf_printf(&out, "%s", overlapped_io_state_ascii(&s->reads));
2061#endif
2062 }
2063 if (rwflags & EVENT_WRITE)
2064 {
2065 buf_printf(&out, "S%s", (s->rwflags_debug & EVENT_WRITE) ? "W" : "w");
2066#ifdef _WIN32
2068#endif
2069 }
2070 }
2071 else
2072 {
2073 buf_printf(&out, "S?");
2074 }
2075 return BSTR(&out);
2076}
2077
2078/*
2079 * Stream buffer functions, used to packetize a TCP
2080 * stream connection.
2081 */
2082
2083static inline void
2085{
2086 dmsg(D_STREAM_DEBUG, "STREAM: RESET");
2087 sb->residual_fully_formed = false;
2088 sb->buf = sb->buf_init;
2089 buf_reset(&sb->next);
2090 sb->len = -1;
2091}
2092
2093static void
2094stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags,
2095 const int proto)
2096{
2097 sb->buf_init = *buf;
2098 sb->maxlen = sb->buf_init.len;
2099 sb->buf_init.len = 0;
2100 sb->residual = alloc_buf(sb->maxlen);
2101 sb->error = false;
2102#if PORT_SHARE
2103 sb->port_share_state =
2104 ((sockflags & SF_PORT_SHARE) && (proto == PROTO_TCP_SERVER)) ? PS_ENABLED : PS_DISABLED;
2105#endif
2107
2108 dmsg(D_STREAM_DEBUG, "STREAM: INIT maxlen=%d", sb->maxlen);
2109}
2110
2111static inline void
2113{
2114 /* set up 'next' for next i/o read */
2115 sb->next = sb->buf;
2116 sb->next.offset = sb->buf.offset + sb->buf.len;
2117 sb->next.len = (sb->len >= 0 ? sb->len : sb->maxlen) - sb->buf.len;
2118 dmsg(D_STREAM_DEBUG, "STREAM: SET NEXT, buf=[%d,%d] next=[%d,%d] len=%d maxlen=%d",
2119 sb->buf.offset, sb->buf.len, sb->next.offset, sb->next.len, sb->len, sb->maxlen);
2120 ASSERT(sb->next.len > 0);
2121 ASSERT(buf_safe(&sb->buf, sb->next.len));
2122}
2123
2124static inline void
2126{
2127 dmsg(D_STREAM_DEBUG, "STREAM: GET FINAL len=%d", buf_defined(&sb->buf) ? sb->buf.len : -1);
2128 ASSERT(buf_defined(&sb->buf));
2129 *buf = sb->buf;
2130}
2131
2132static inline void
2134{
2135 dmsg(D_STREAM_DEBUG, "STREAM: GET NEXT len=%d", buf_defined(&sb->next) ? sb->next.len : -1);
2136 ASSERT(buf_defined(&sb->next));
2137 *buf = sb->next;
2138}
2139
2140bool
2142{
2144 {
2146 ASSERT(buf_init(&sock->stream_buf.residual, 0));
2148 dmsg(D_STREAM_DEBUG, "STREAM: RESIDUAL FULLY FORMED [%s], len=%d",
2149 sock->stream_buf.residual_fully_formed ? "YES" : "NO", sock->stream_buf.residual.len);
2150 }
2151
2153 {
2155 }
2156 return !sock->stream_buf.residual_fully_formed;
2157}
2158
2159static bool
2161{
2162 dmsg(D_STREAM_DEBUG, "STREAM: ADD length_added=%d", length_added);
2163 if (length_added > 0)
2164 {
2165 sb->buf.len += length_added;
2166 }
2167
2168 /* if length unknown, see if we can get the length prefix from
2169 * the head of the buffer */
2170 if (sb->len < 0 && sb->buf.len >= (int)sizeof(packet_size_type))
2171 {
2173
2174#if PORT_SHARE
2175 if (sb->port_share_state == PS_ENABLED)
2176 {
2177 if (!is_openvpn_protocol(&sb->buf))
2178 {
2179 msg(D_STREAM_ERRORS, "Non-OpenVPN client protocol detected");
2180 sb->port_share_state = PS_FOREIGN;
2181 sb->error = true;
2182 return false;
2183 }
2184 else
2185 {
2186 sb->port_share_state = PS_DISABLED;
2187 }
2188 }
2189#endif
2190
2191 ASSERT(buf_read(&sb->buf, &net_size, sizeof(net_size)));
2192 sb->len = ntohps(net_size);
2193
2194 if (sb->len < 1 || sb->len > sb->maxlen)
2195 {
2196 msg(M_WARN,
2197 "WARNING: Bad encapsulated packet length from peer (%d), which must be > 0 and <= %d -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]",
2198 sb->len, sb->maxlen);
2200 sb->error = true;
2201 return false;
2202 }
2203 }
2204
2205 /* is our incoming packet fully read? */
2206 if (sb->len > 0 && sb->buf.len >= sb->len)
2207 {
2208 /* save any residual data that's part of the next packet */
2209 ASSERT(buf_init(&sb->residual, 0));
2210 if (sb->buf.len > sb->len)
2211 {
2212 ASSERT(buf_copy_excess(&sb->residual, &sb->buf, sb->len));
2213 }
2214 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned TRUE, buf_len=%d, residual_len=%d",
2215 BLEN(&sb->buf), BLEN(&sb->residual));
2216 return true;
2217 }
2218 else
2219 {
2220 dmsg(D_STREAM_DEBUG, "STREAM: ADD returned FALSE (have=%d need=%d)", sb->buf.len, sb->len);
2222 return false;
2223 }
2224}
2225
2226static void
2228{
2229 free_buf(&sb->residual);
2230}
2231
2232/*
2233 * The listen event is a special event whose sole purpose is
2234 * to tell us that there's a new incoming connection on a
2235 * TCP socket, for use in server mode.
2236 */
2237event_t
2239{
2240#ifdef _WIN32
2242 {
2244 }
2245 return &s->listen_handle;
2246#else /* ifdef _WIN32 */
2247 return s->sd;
2248#endif
2249}
2250
2251
2252/*
2253 * Bad incoming address lengths that differ from what
2254 * we expect are considered to be fatal errors.
2255 */
2256void
2258{
2259 msg(M_FATAL,
2260 "ERROR: received strange incoming packet with an address length of %d -- we only accept address lengths of %d.",
2261 actual, expected);
2262}
2263
2264/*
2265 * Socket Read Routines
2266 */
2267
2268int
2269link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
2270{
2271 int len = 0;
2272
2274 {
2275 /* with Linux-DCO, we sometimes try to access a socket that is
2276 * already installed in the kernel and has no valid file descriptor
2277 * anymore. This is a bug.
2278 * Handle by resetting client instance instead of crashing.
2279 */
2280 if (sock->sd == SOCKET_UNDEFINED)
2281 {
2282 msg(M_INFO, "BUG: link_socket_read_tcp(): sock->sd==-1, reset client instance");
2283 sock->stream_reset = true; /* reset client instance */
2284 return buf->len = 0; /* nothing to read */
2285 }
2286
2287#ifdef _WIN32
2288 sockethandle_t sh = { .s = sock->sd };
2289 len = sockethandle_finalize(sh, &sock->reads, buf, NULL);
2290#else
2291 struct buffer frag;
2293 len = recv(sock->sd, BPTR(&frag), BLEN(&frag), MSG_NOSIGNAL);
2294#endif
2295
2296 if (!len)
2297 {
2298 sock->stream_reset = true;
2299 }
2300 if (len <= 0)
2301 {
2302 return buf->len = len;
2303 }
2304 }
2305
2307 || stream_buf_added(&sock->stream_buf, len)) /* packet complete? */
2308 {
2309 stream_buf_get_final(&sock->stream_buf, buf);
2311 return buf->len;
2312 }
2313 else
2314 {
2315 return buf->len = 0; /* no error, but packet is still incomplete */
2316 }
2317}
2318
2319#ifndef _WIN32
2320
2321#if ENABLE_IP_PKTINFO
2322
2323/* make the buffer large enough to handle ancillary socket data for
2324 * both IPv4 and IPv6 destination addresses, plus padding (see RFC 2292)
2325 */
2326#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2327#define PKTINFO_BUF_SIZE \
2328 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_pktinfo)))
2329#else
2330#define PKTINFO_BUF_SIZE \
2331 max_int(CMSG_SPACE(sizeof(struct in6_pktinfo)), CMSG_SPACE(sizeof(struct in_addr)))
2332#endif
2333
2334static socklen_t
2335link_socket_read_udp_posix_recvmsg(struct link_socket *sock, struct buffer *buf,
2336 struct link_socket_actual *from)
2337{
2338 struct iovec iov;
2339 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2340 struct msghdr mesg = { 0 };
2341 socklen_t fromlen = sizeof(from->dest.addr);
2342
2343 ASSERT(sock->sd >= 0); /* can't happen */
2344
2345 iov.iov_base = BPTR(buf);
2346 iov.iov_len = buf_forward_capacity_total(buf);
2347 mesg.msg_iov = &iov;
2348 mesg.msg_iovlen = 1;
2349 mesg.msg_name = &from->dest.addr;
2350 mesg.msg_namelen = fromlen;
2351 mesg.msg_control = pktinfo_buf;
2352 mesg.msg_controllen = sizeof pktinfo_buf;
2353 buf->len = recvmsg(sock->sd, &mesg, 0);
2354 if (buf->len >= 0)
2355 {
2356 struct cmsghdr *cmsg;
2357 fromlen = mesg.msg_namelen;
2358 cmsg = CMSG_FIRSTHDR(&mesg);
2359 if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2360#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2361 && cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_PKTINFO
2362 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_pktinfo)))
2363#elif defined(IP_RECVDSTADDR)
2364 && cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_RECVDSTADDR
2365 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in_addr)))
2366#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2367#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2368#endif
2369 {
2370#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2371 struct in_pktinfo *pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2372 from->pi.in4.ipi_ifindex = pkti->ipi_ifindex;
2373 from->pi.in4.ipi_spec_dst = pkti->ipi_spec_dst;
2374#elif defined(IP_RECVDSTADDR)
2375 from->pi.in4 = *(struct in_addr *)CMSG_DATA(cmsg);
2376#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2377#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2378#endif
2379 }
2380 else if (cmsg != NULL && CMSG_NXTHDR(&mesg, cmsg) == NULL
2381 && cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO
2382 && cmsg->cmsg_len >= CMSG_LEN(sizeof(struct in6_pktinfo)))
2383 {
2384 struct in6_pktinfo *pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2385 from->pi.in6.ipi6_ifindex = pkti6->ipi6_ifindex;
2386 from->pi.in6.ipi6_addr = pkti6->ipi6_addr;
2387 }
2388 else if (cmsg != NULL)
2389 {
2390 msg(M_WARN,
2391 "CMSG received that cannot be parsed (cmsg_level=%d, cmsg_type=%d, cmsg=len=%d)",
2392 (int)cmsg->cmsg_level, (int)cmsg->cmsg_type, (int)cmsg->cmsg_len);
2393 }
2394 }
2395
2396 return fromlen;
2397}
2398#endif /* if ENABLE_IP_PKTINFO */
2399
2400int
2401link_socket_read_udp_posix(struct link_socket *sock, struct buffer *buf,
2402 struct link_socket_actual *from)
2403{
2404 socklen_t fromlen = sizeof(from->dest.addr);
2405 socklen_t expectedlen = af_addr_size(sock->info.af);
2406 addr_zero_host(&from->dest);
2407
2408 ASSERT(sock->sd >= 0); /* can't happen */
2409
2410#if ENABLE_IP_PKTINFO
2411 /* Both PROTO_UDPv4 and PROTO_UDPv6 */
2412 if (sock->info.proto == PROTO_UDP && sock->sockflags & SF_USE_IP_PKTINFO)
2413 {
2414 fromlen = link_socket_read_udp_posix_recvmsg(sock, buf, from);
2415 }
2416 else
2417#endif
2418 {
2419 buf->len = recvfrom(sock->sd, BPTR(buf), buf_forward_capacity(buf), 0, &from->dest.addr.sa,
2420 &fromlen);
2421 }
2422 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2423 if (buf->len >= 0 && expectedlen && fromlen != expectedlen)
2424 {
2425 bad_address_length(fromlen, expectedlen);
2426 }
2427 return buf->len;
2428}
2429
2430#endif /* ifndef _WIN32 */
2431
2432/*
2433 * Socket Write Routines
2434 */
2435
2436ssize_t
2437link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
2438{
2439 packet_size_type len = BLEN(buf);
2440 dmsg(D_STREAM_DEBUG, "STREAM: WRITE %d offset=%d", (int)len, buf->offset);
2441 ASSERT(len <= sock->stream_buf.maxlen);
2442 len = htonps(len);
2443 ASSERT(buf_write_prepend(buf, &len, sizeof(len)));
2444#ifdef _WIN32
2445 return link_socket_write_win32(sock, buf, to);
2446#else
2447 return link_socket_write_tcp_posix(sock, buf);
2448#endif
2449}
2450
2451#if ENABLE_IP_PKTINFO
2452
2453ssize_t
2454link_socket_write_udp_posix_sendmsg(struct link_socket *sock, struct buffer *buf,
2455 struct link_socket_actual *to)
2456{
2457 struct iovec iov;
2458 struct msghdr mesg;
2459 struct cmsghdr *cmsg;
2460 uint8_t pktinfo_buf[PKTINFO_BUF_SIZE];
2461
2462 iov.iov_base = BPTR(buf);
2463 iov.iov_len = BLEN(buf);
2464 mesg.msg_iov = &iov;
2465 mesg.msg_iovlen = 1;
2466 switch (to->dest.addr.sa.sa_family)
2467 {
2468 case AF_INET:
2469 {
2470 mesg.msg_name = &to->dest.addr.sa;
2471 mesg.msg_namelen = sizeof(struct sockaddr_in);
2472 mesg.msg_control = pktinfo_buf;
2473 mesg.msg_flags = 0;
2474#if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST)
2475 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo));
2476 cmsg = CMSG_FIRSTHDR(&mesg);
2477 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
2478 cmsg->cmsg_level = SOL_IP;
2479 cmsg->cmsg_type = IP_PKTINFO;
2480 {
2481 struct in_pktinfo *pkti;
2482 pkti = (struct in_pktinfo *)CMSG_DATA(cmsg);
2483 pkti->ipi_ifindex = to->pi.in4.ipi_ifindex;
2484 pkti->ipi_spec_dst = to->pi.in4.ipi_spec_dst;
2485 pkti->ipi_addr.s_addr = 0;
2486 }
2487#elif defined(IP_RECVDSTADDR)
2488 ASSERT(CMSG_SPACE(sizeof(struct in_addr)) <= sizeof(pktinfo_buf));
2489 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in_addr));
2490 cmsg = CMSG_FIRSTHDR(&mesg);
2491 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_addr));
2492 cmsg->cmsg_level = IPPROTO_IP;
2493 cmsg->cmsg_type = IP_RECVDSTADDR;
2494 *(struct in_addr *)CMSG_DATA(cmsg) = to->pi.in4;
2495#else /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2496#error ENABLE_IP_PKTINFO is set without IP_PKTINFO xor IP_RECVDSTADDR (fix syshead.h)
2497#endif /* if defined(HAVE_IN_PKTINFO) && defined(HAVE_IPI_SPEC_DST) */
2498 break;
2499 }
2500
2501 case AF_INET6:
2502 {
2503 struct in6_pktinfo *pkti6;
2504 mesg.msg_name = &to->dest.addr.sa;
2505 mesg.msg_namelen = sizeof(struct sockaddr_in6);
2506
2507 ASSERT(CMSG_SPACE(sizeof(struct in6_pktinfo)) <= sizeof(pktinfo_buf));
2508 mesg.msg_control = pktinfo_buf;
2509 mesg.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo));
2510 mesg.msg_flags = 0;
2511 cmsg = CMSG_FIRSTHDR(&mesg);
2512 cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
2513 cmsg->cmsg_level = IPPROTO_IPV6;
2514 cmsg->cmsg_type = IPV6_PKTINFO;
2515
2516 pkti6 = (struct in6_pktinfo *)CMSG_DATA(cmsg);
2517 pkti6->ipi6_ifindex = to->pi.in6.ipi6_ifindex;
2518 pkti6->ipi6_addr = to->pi.in6.ipi6_addr;
2519 break;
2520 }
2521
2522 default:
2523 ASSERT(0);
2524 }
2525 return sendmsg(sock->sd, &mesg, 0);
2526}
2527
2528#endif /* if ENABLE_IP_PKTINFO */
2529
2530/*
2531 * Win32 overlapped socket I/O functions.
2532 */
2533
2534#ifdef _WIN32
2535
2536static int
2538{
2539 if (socket_is_dco_win(sock))
2540 {
2541 return GetLastError();
2542 }
2543
2544 return WSAGetLastError();
2545}
2546
2547int
2548socket_recv_queue(struct link_socket *sock, int maxsize)
2549{
2550 if (sock->reads.iostate == IOSTATE_INITIAL)
2551 {
2552 WSABUF wsabuf[1];
2553 int status;
2554
2555 /* reset buf to its initial state */
2556 if (proto_is_udp(sock->info.proto))
2557 {
2558 sock->reads.buf = sock->reads.buf_init;
2559 }
2560 else if (proto_is_tcp(sock->info.proto))
2561 {
2562 stream_buf_get_next(&sock->stream_buf, &sock->reads.buf);
2563 }
2564 else
2565 {
2566 ASSERT(0);
2567 }
2568
2569 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2570 wsabuf[0].buf = BSTR(&sock->reads.buf);
2571 wsabuf[0].len = maxsize ? maxsize : BLEN(&sock->reads.buf);
2572
2573 /* check for buffer overflow */
2574 ASSERT(wsabuf[0].len <= BLEN(&sock->reads.buf));
2575
2576 /* the overlapped read will signal this event on I/O completion */
2577 ASSERT(ResetEvent(sock->reads.overlapped.hEvent));
2578 sock->reads.flags = 0;
2579
2580 if (socket_is_dco_win(sock))
2581 {
2582 status = ReadFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->reads.size,
2583 &sock->reads.overlapped);
2584 /* Readfile status is inverted from WSARecv */
2585 status = !status;
2586 }
2587 else if (proto_is_udp(sock->info.proto))
2588 {
2589 sock->reads.addr_defined = true;
2590 sock->reads.addrlen = sizeof(sock->reads.addr6);
2591 status = WSARecvFrom(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2592 (struct sockaddr *)&sock->reads.addr, &sock->reads.addrlen,
2593 &sock->reads.overlapped, NULL);
2594 }
2595 else if (proto_is_tcp(sock->info.proto))
2596 {
2597 sock->reads.addr_defined = false;
2598 status = WSARecv(sock->sd, wsabuf, 1, &sock->reads.size, &sock->reads.flags,
2599 &sock->reads.overlapped, NULL);
2600 }
2601 else
2602 {
2603 status = 0;
2604 ASSERT(0);
2605 }
2606
2607 if (!status) /* operation completed immediately? */
2608 {
2609 /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
2610 int af_len = af_addr_size(sock->info.af);
2611 if (sock->reads.addr_defined && af_len && sock->reads.addrlen != af_len)
2612 {
2613 bad_address_length(sock->reads.addrlen, af_len);
2614 }
2616
2617 /* since we got an immediate return, we must signal the event object ourselves */
2618 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2619 sock->reads.status = 0;
2620
2621 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive immediate return [%d,%d]",
2622 (int)wsabuf[0].len, (int)sock->reads.size);
2623 }
2624 else
2625 {
2627 if (status == WSA_IO_PENDING) /* operation queued? */
2628 {
2630 sock->reads.status = status;
2631 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive queued [%d]", (int)wsabuf[0].len);
2632 }
2633 else /* error occurred */
2634 {
2635 struct gc_arena gc = gc_new();
2636 ASSERT(SetEvent(sock->reads.overlapped.hEvent));
2638 sock->reads.status = status;
2639 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Receive error [%d]: %s", (int)wsabuf[0].len,
2641 gc_free(&gc);
2642 }
2643 }
2644 }
2645 return sock->reads.iostate;
2646}
2647
2648int
2649socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
2650{
2651 if (sock->writes.iostate == IOSTATE_INITIAL)
2652 {
2653 WSABUF wsabuf[1];
2654 int status;
2655
2656 /* make a private copy of buf */
2657 sock->writes.buf = sock->writes.buf_init;
2658 sock->writes.buf.len = 0;
2659 ASSERT(buf_copy(&sock->writes.buf, buf));
2660
2661 /* Win32 docs say it's okay to allocate the wsabuf on the stack */
2662 wsabuf[0].buf = BSTR(&sock->writes.buf);
2663 wsabuf[0].len = BLEN(&sock->writes.buf);
2664
2665 /* the overlapped write will signal this event on I/O completion */
2666 ASSERT(ResetEvent(sock->writes.overlapped.hEvent));
2667 sock->writes.flags = 0;
2668
2669 if (socket_is_dco_win(sock))
2670 {
2671 status = WriteFile((HANDLE)sock->sd, wsabuf[0].buf, wsabuf[0].len, &sock->writes.size,
2672 &sock->writes.overlapped);
2673
2674 /* WriteFile status is inverted from WSASendTo */
2675 status = !status;
2676 }
2677 else if (proto_is_udp(sock->info.proto))
2678 {
2679 /* set destination address for UDP writes */
2680 sock->writes.addr_defined = true;
2681 if (to->dest.addr.sa.sa_family == AF_INET6)
2682 {
2683 sock->writes.addr6 = to->dest.addr.in6;
2684 sock->writes.addrlen = sizeof(sock->writes.addr6);
2685 }
2686 else
2687 {
2688 sock->writes.addr = to->dest.addr.in4;
2689 sock->writes.addrlen = sizeof(sock->writes.addr);
2690 }
2691
2692 status = WSASendTo(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2693 (struct sockaddr *)&sock->writes.addr, sock->writes.addrlen,
2694 &sock->writes.overlapped, NULL);
2695 }
2696 else if (proto_is_tcp(sock->info.proto))
2697 {
2698 /* destination address for TCP writes was established on connection initiation */
2699 sock->writes.addr_defined = false;
2700
2701 status = WSASend(sock->sd, wsabuf, 1, &sock->writes.size, sock->writes.flags,
2702 &sock->writes.overlapped, NULL);
2703 }
2704 else
2705 {
2706 status = 0;
2707 ASSERT(0);
2708 }
2709
2710 if (!status) /* operation completed immediately? */
2711 {
2713
2714 /* since we got an immediate return, we must signal the event object ourselves */
2715 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2716
2717 sock->writes.status = 0;
2718
2719 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send immediate return [%d,%d]", (int)wsabuf[0].len,
2720 (int)sock->writes.size);
2721 }
2722 else
2723 {
2725 /* both status code have the identical value */
2726 if (status == WSA_IO_PENDING || status == ERROR_IO_PENDING) /* operation queued? */
2727 {
2729 sock->writes.status = status;
2730 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send queued [%d]", (int)wsabuf[0].len);
2731 }
2732 else /* error occurred */
2733 {
2734 struct gc_arena gc = gc_new();
2735 ASSERT(SetEvent(sock->writes.overlapped.hEvent));
2737 sock->writes.status = status;
2738
2739 dmsg(D_WIN32_IO, "WIN32 I/O: Socket Send error [%d]: %s", (int)wsabuf[0].len,
2741
2742 gc_free(&gc);
2743 }
2744 }
2745 }
2746 return sock->writes.iostate;
2747}
2748
2749void
2750read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
2751{
2752 if (overlapped_ret >= 0 && io->addr_defined)
2753 {
2754 /* TODO(jjo): streamline this mess */
2755 /* in this func we don't have relevant info about the PF_ of this
2756 * endpoint, as link_socket_actual will be zero for the 1st received packet
2757 *
2758 * Test for inets PF_ possible sizes
2759 */
2760 switch (io->addrlen)
2761 {
2762 case sizeof(struct sockaddr_in):
2763 case sizeof(struct sockaddr_in6):
2764 /* TODO(jjo): for some reason (?) I'm getting 24,28 for AF_INET6
2765 * under _WIN32*/
2766 case sizeof(struct sockaddr_in6) - 4:
2767 break;
2768
2769 default:
2770 bad_address_length(io->addrlen, af_addr_size(io->addr.sin_family));
2771 }
2772
2773 switch (io->addr.sin_family)
2774 {
2775 case AF_INET:
2776 memcpy(dst, &io->addr, sizeof(struct sockaddr_in));
2777 break;
2778
2779 case AF_INET6:
2780 memcpy(dst, &io->addr6, sizeof(struct sockaddr_in6));
2781 break;
2782 }
2783 }
2784 else
2785 {
2786 CLEAR(*dst);
2787 }
2788}
2789
2799static int
2800read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
2801{
2802 int sa_len = 0;
2803
2804 const struct sockaddr *sa = (const struct sockaddr *)BPTR(buf);
2805 switch (sa->sa_family)
2806 {
2807 case AF_INET:
2808 sa_len = sizeof(struct sockaddr_in);
2809 if (buf_len(buf) < sa_len)
2810 {
2811 msg(M_FATAL,
2812 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2813 buf_len(buf), sa_len);
2814 }
2815 memcpy(dst, sa, sa_len);
2816 buf_advance(buf, sa_len);
2817 break;
2818
2819 case AF_INET6:
2820 sa_len = sizeof(struct sockaddr_in6);
2821 if (buf_len(buf) < sa_len)
2822 {
2823 msg(M_FATAL,
2824 "ERROR: received incoming packet with too short length of %d -- must be at least %d.",
2825 buf_len(buf), sa_len);
2826 }
2827 memcpy(dst, sa, sa_len);
2828 buf_advance(buf, sa_len);
2829 break;
2830
2831 default:
2832 msg(M_FATAL, "ERROR: received incoming packet with invalid address family %d.",
2833 sa->sa_family);
2834 }
2835
2836 return sa_len;
2837}
2838
2839/* Returns the number of bytes successfully read */
2840int
2842 struct link_socket_actual *from)
2843{
2844 int ret = -1;
2845 BOOL status;
2846
2847 switch (io->iostate)
2848 {
2849 case IOSTATE_QUEUED:
2851 if (status)
2852 {
2853 /* successful return for a queued operation */
2854 if (buf)
2855 {
2856 *buf = io->buf;
2857 }
2858 ret = io->size;
2860 ASSERT(ResetEvent(io->overlapped.hEvent));
2861
2862 dmsg(D_WIN32_IO, "WIN32 I/O: Completion success [%d]", ret);
2863 }
2864 else
2865 {
2866 /* error during a queued operation */
2867 ret = -1;
2868 if (SocketHandleGetLastError(sh) != ERROR_IO_INCOMPLETE)
2869 {
2870 /* if no error (i.e. just not finished yet), then DON'T execute this code */
2872 ASSERT(ResetEvent(io->overlapped.hEvent));
2873 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion error");
2874 }
2875 }
2876 break;
2877
2880 ASSERT(ResetEvent(io->overlapped.hEvent));
2881 if (io->status)
2882 {
2883 /* error return for a non-queued operation */
2885 ret = -1;
2886 msg(D_WIN32_IO | M_ERRNO, "WIN32 I/O: Completion non-queued error");
2887 }
2888 else
2889 {
2890 /* successful return for a non-queued operation */
2891 if (buf)
2892 {
2893 *buf = io->buf;
2894 }
2895 ret = io->size;
2896 dmsg(D_WIN32_IO, "WIN32 I/O: Completion non-queued success [%d]", ret);
2897 }
2898 break;
2899
2900 case IOSTATE_INITIAL: /* were we called without proper queueing? */
2902 ret = -1;
2903 dmsg(D_WIN32_IO, "WIN32 I/O: Completion BAD STATE");
2904 break;
2905
2906 default:
2907 ASSERT(0);
2908 }
2909
2910 if (from && ret > 0 && sh.is_handle && sh.prepend_sa)
2911 {
2912 ret -= read_sockaddr_from_packet(buf, &from->dest.addr.sa);
2913 }
2914
2915 if (!sh.is_handle && from)
2916 {
2917 read_sockaddr_from_overlapped(io, &from->dest.addr.sa, ret);
2918 }
2919
2920 if (buf)
2921 {
2922 buf->len = ret;
2923 }
2924 return ret;
2925}
2926
2927#endif /* _WIN32 */
2928
2929/*
2930 * Socket event notification
2931 */
2932
2933unsigned int
2934socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg,
2935 unsigned int *persistent)
2936{
2937 if (s)
2938 {
2939 if ((rwflags & EVENT_READ) && !stream_buf_read_setup(s))
2940 {
2941 ASSERT(!persistent);
2942 rwflags &= ~EVENT_READ;
2943 }
2944
2945#ifdef _WIN32
2946 if (rwflags & EVENT_READ)
2947 {
2948 socket_recv_queue(s, 0);
2949 }
2950#endif
2951
2952 /* if persistent is defined, call event_ctl only if rwflags has changed since last call */
2953 if (!persistent || *persistent != rwflags)
2954 {
2955 event_ctl(es, socket_event_handle(s), rwflags, arg);
2956 if (persistent)
2957 {
2958 *persistent = rwflags;
2959 }
2960 }
2961
2962 s->rwflags_debug = rwflags;
2963 }
2964 return rwflags;
2965}
2966
2967void
2969{
2970 if (sd && socket_defined(*sd))
2971 {
2973 *sd = SOCKET_UNDEFINED;
2974 }
2975}
2976
2977#if UNIX_SOCK_SUPPORT
2978
2979/*
2980 * code for unix domain sockets
2981 */
2982
2983const char *
2984sockaddr_unix_name(const struct sockaddr_un *local, const char *null)
2985{
2986 if (local && local->sun_family == PF_UNIX)
2987 {
2988 return local->sun_path;
2989 }
2990 else
2991 {
2992 return null;
2993 }
2994}
2995
2997create_socket_unix(void)
2998{
3000
3001 if ((sd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
3002 {
3003 msg(M_ERR, "Cannot create unix domain socket");
3004 }
3005
3006 /* set socket file descriptor to not pass across execs, so that
3007 * scripts don't have access to it */
3008 set_cloexec(sd);
3009
3010 return sd;
3011}
3012
3013void
3014socket_bind_unix(socket_descriptor_t sd, struct sockaddr_un *local, const char *prefix)
3015{
3016 struct gc_arena gc = gc_new();
3017 const mode_t orig_umask = umask(0);
3018
3019 if (bind(sd, (struct sockaddr *)local, sizeof(struct sockaddr_un)))
3020 {
3021 msg(M_FATAL | M_ERRNO, "%s: Socket bind[%d] failed on unix domain socket %s", prefix,
3022 (int)sd, sockaddr_unix_name(local, "NULL"));
3023 }
3024
3025 umask(orig_umask);
3026 gc_free(&gc);
3027}
3028
3030socket_accept_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3031{
3032 socklen_t remote_len = sizeof(struct sockaddr_un);
3034
3035 CLEAR(*remote);
3036 ret = accept(sd, (struct sockaddr *)remote, &remote_len);
3037 if (ret >= 0)
3038 {
3039 /* set socket file descriptor to not pass across execs, so that
3040 * scripts don't have access to it */
3041 set_cloexec(ret);
3042 }
3043 return ret;
3044}
3045
3046int
3047socket_connect_unix(socket_descriptor_t sd, struct sockaddr_un *remote)
3048{
3049 int status = connect(sd, (struct sockaddr *)remote, sizeof(struct sockaddr_un));
3050 if (status)
3051 {
3053 }
3054 return status;
3055}
3056
3057void
3058sockaddr_unix_init(struct sockaddr_un *local, const char *path)
3059{
3060 local->sun_family = PF_UNIX;
3061 strncpynt(local->sun_path, path, sizeof(local->sun_path));
3062}
3063
3064void
3065socket_delete_unix(const struct sockaddr_un *local)
3066{
3067 const char *name = sockaddr_unix_name(local, NULL);
3068 if (name && strlen(name))
3069 {
3070 unlink(name);
3071 }
3072}
3073
3074bool
3075unix_socket_get_peer_uid_gid(const socket_descriptor_t sd, int *uid, int *gid)
3076{
3077#ifdef HAVE_GETPEEREID
3078 uid_t u;
3079 gid_t g;
3080 if (getpeereid(sd, &u, &g) == -1)
3081 {
3082 return false;
3083 }
3084 if (uid)
3085 {
3086 *uid = u;
3087 }
3088 if (gid)
3089 {
3090 *gid = g;
3091 }
3092 return true;
3093#elif defined(SO_PEERCRED)
3094 struct ucred peercred;
3095 socklen_t so_len = sizeof(peercred);
3096 if (getsockopt(sd, SOL_SOCKET, SO_PEERCRED, &peercred, &so_len) == -1)
3097 {
3098 return false;
3099 }
3100 if (uid)
3101 {
3102 *uid = peercred.uid;
3103 }
3104 if (gid)
3105 {
3106 *gid = peercred.gid;
3107 }
3108 return true;
3109#else /* ifdef HAVE_GETPEEREID */
3110 return false;
3111#endif /* ifdef HAVE_GETPEEREID */
3112}
3113
3114#endif /* if UNIX_SOCK_SUPPORT */
void argv_parse_cmd(struct argv *argres, const char *cmdstr)
Parses a command string, tokenizes it and puts each element into a separate struct argv argument slot...
Definition argv.c:481
void argv_free(struct argv *a)
Frees all memory allocations allocated by the struct argv related functions.
Definition argv.c:101
bool argv_printf(struct argv *argres, const char *format,...)
printf() variant which populates a struct argv.
Definition argv.c:438
bool argv_printf_cat(struct argv *argres, const char *format,...)
printf() inspired argv concatenation.
Definition argv.c:462
struct argv argv_new(void)
Allocates a new struct argv and ensures it is initialised.
Definition argv.c:87
void free_buf(struct buffer *buf)
Definition buffer.c:184
bool buf_printf(struct buffer *buf, const char *format,...)
Definition buffer.c:241
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition buffer.c:89
struct buffer alloc_buf(size_t size)
Definition buffer.c:63
void gc_addspecial(void *addr, void(*free_function)(void *), struct gc_arena *a)
Definition buffer.c:438
#define BSTR(buf)
Definition buffer.h:128
static bool buf_copy(struct buffer *dest, const struct buffer *src)
Definition buffer.h:704
#define BPTR(buf)
Definition buffer.h:123
static bool buf_copy_excess(struct buffer *dest, struct buffer *src, int len)
Definition buffer.h:739
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
Definition buffer.h:672
static void buf_reset(struct buffer *buf)
Definition buffer.h:303
static bool buf_safe(const struct buffer *buf, size_t len)
Definition buffer.h:518
static bool buf_read(struct buffer *src, void *dest, int size)
Definition buffer.h:762
static bool buf_advance(struct buffer *buf, int size)
Definition buffer.h:616
static int buf_len(const struct buffer *buf)
Definition buffer.h:253
static int buf_forward_capacity(const struct buffer *buf)
Definition buffer.h:539
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
Definition buffer.h:1079
#define BLEN(buf)
Definition buffer.h:126
static void strncpynt(char *dest, const char *src, size_t maxlen)
Definition buffer.h:361
static void gc_free(struct gc_arena *a)
Definition buffer.h:1015
#define ALLOC_OBJ_CLEAR(dptr, type)
Definition buffer.h:1042
static bool buf_defined(const struct buffer *buf)
Definition buffer.h:228
#define buf_init(buf, offset)
Definition buffer.h:209
static void gc_freeaddrinfo_callback(void *addr)
Definition buffer.h:215
static struct gc_arena gc_new(void)
Definition buffer.h:1007
static int buf_forward_capacity_total(const struct buffer *buf)
Definition buffer.h:557
void dco_mp_start_vpn(HANDLE handle, struct link_socket *sock)
Initializes and binds the kernel UDP transport socket for multipeer mode.
Definition dco_win.c:283
void dco_p2p_new_peer(HANDLE handle, OVERLAPPED *ov, struct link_socket *sock, struct signal_info *sig_info)
Definition dco_win.c:327
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition env_set.c:307
#define D_WIN32_IO
Definition errlevel.h:172
#define D_STREAM_ERRORS
Definition errlevel.h:62
#define D_SOCKET_DEBUG
Definition errlevel.h:139
#define D_STREAM_DEBUG
Definition errlevel.h:171
#define D_INIT_MEDIUM
Definition errlevel.h:103
#define D_READ_WRITE
Definition errlevel.h:166
#define D_OSBUF
Definition errlevel.h:90
#define D_LOW
Definition errlevel.h:96
#define M_INFO
Definition errlevel.h:54
#define D_LINK_ERRORS
Definition errlevel.h:56
#define EVENT_WRITE
Definition event.h:39
#define EVENT_READ
Definition event.h:38
@ EVENT_ARG_LINK_SOCKET
Definition event.h:138
static void event_ctl(struct event_set *es, event_t event, unsigned int rwflags, void *arg)
Definition event.h:183
void set_nonblock(socket_descriptor_t fd)
Definition fdmisc.c:68
void set_cloexec(socket_descriptor_t fd)
Definition fdmisc.c:78
static void openvpn_fd_set(socket_descriptor_t fd, fd_set *setp)
Definition fdmisc.h:39
int get_server_poll_remaining_time(struct event_timeout *server_poll_timeout)
Definition forward.c:497
Interface functions to the internal and external multiplexers.
static SERVICE_STATUS status
Definition interactive.c:51
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local, const struct openvpn_sockaddr *remote)
Definition manage.c:2778
void management_sleep(const int n)
A sleep function that services the management layer for n seconds rather than doing nothing.
Definition manage.c:4131
#define OPENVPN_STATE_TCP_CONNECT
Definition manage.h:461
void alloc_buf_sock_tun(struct buffer *buf, const struct frame *frame)
Definition mtu.c:41
void set_mtu_discover_type(socket_descriptor_t sd, int mtu_type, sa_family_t proto_af)
Definition mtu.c:218
#define CLEAR(x)
Definition basic.h:32
const char * strerror_win32(DWORD errnum, struct gc_arena *gc)
Definition error.c:782
#define M_FATAL
Definition error.h:88
#define M_NONFATAL
Definition error.h:89
#define dmsg(flags,...)
Definition error.h:170
#define M_ERR
Definition error.h:104
#define openvpn_errno()
Definition error.h:71
#define msg(flags,...)
Definition error.h:150
#define ASSERT(x)
Definition error.h:217
#define M_WARN
Definition error.h:90
#define M_ERRNO
Definition error.h:93
#define CM_CHILD_TCP
Definition openvpn.h:486
#define CM_CHILD_UDP
Definition openvpn.h:485
#define MODE_POINT_TO_POINT
Definition options.h:260
#define MODE_SERVER
Definition options.h:261
#define streq(x, y)
Definition options.h:727
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
Definition options.h:936
bool plugin_defined(const struct plugin_list *pl, const int type)
Definition plugin.c:904
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
Definition plugin.h:195
bool establish_http_proxy_passthru(struct http_proxy_info *p, socket_descriptor_t sd, const char *host, const char *port, struct event_timeout *server_poll_timeout, struct buffer *lookahead, struct signal_info *sig_info)
Definition proxy.c:625
static int openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Will run a script and return the exit code of the script if between 0 and 255, -1 otherwise.
Definition run_command.h:89
void throw_signal_soft(const int signum, const char *signal_text)
Throw a soft global signal.
Definition sig.c:204
int signal_reset(struct signal_info *si, int signum)
Clear the signal if its current value equals signum.
Definition sig.c:262
void throw_signal(const int signum)
Throw a hard signal.
Definition sig.c:175
struct signal_info siginfo_static
Definition sig.c:44
void register_signal(struct signal_info *si, int signum, const char *signal_text)
Register a soft signal in the signal_info struct si respecting priority.
Definition sig.c:228
#define SIG_SOURCE_HARD
Definition sig.h:30
static void get_signal(volatile int *sig)
Copy the global signal_received (if non-zero) to the passed-in argument sig.
Definition sig.h:109
void link_socket_init_phase1(struct context *c, int sock_index, int mode)
Definition socket.c:1361
static void resolve_bind_local(struct link_socket *sock, const sa_family_t af)
Definition socket.c:1181
static int socket_get_sndbuf(socket_descriptor_t sd)
Definition socket.c:409
static void socket_set_sndbuf(socket_descriptor_t sd, int size)
Definition socket.c:425
static socket_descriptor_t socket_listen_accept(socket_descriptor_t sd, struct link_socket_actual *act, const char *remote_dynamic, const struct addrinfo *local, bool do_listen, bool nowait, volatile int *signal_received)
Definition socket.c:847
void link_socket_init_phase2(struct context *c, struct link_socket *sock)
Definition socket.c:1704
int socket_send_queue(struct link_socket *sock, struct buffer *buf, const struct link_socket_actual *to)
Definition socket.c:2649
static void ipchange_fmt(const bool include_cmd, struct argv *argv, const struct link_socket_info *info, struct gc_arena *gc)
Definition socket.c:1883
static int socket_get_last_error(const struct link_socket *sock)
Definition socket.c:2537
bool get_ipv6_addr(const char *hostname, struct in6_addr *network, unsigned int *netbits, int msglevel)
Translate an IPv6 addr or hostname from string form to in6_addr.
Definition socket.c:214
ssize_t link_socket_write_tcp(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.c:2437
void link_socket_update_buffer_sizes(struct link_socket *sock, int rcvbuf, int sndbuf)
Definition socket.c:551
static socket_descriptor_t create_socket_udp(struct addrinfo *addrinfo, const unsigned int flags)
Definition socket.c:598
static void phase2_tcp_server(struct link_socket *sock, const char *remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1553
static void create_socket(struct link_socket *sock, struct addrinfo *addr)
Definition socket.c:669
const struct in6_addr * link_socket_current_remote_ipv6(const struct link_socket_info *info)
Definition socket.c:2018
void set_actual_address(struct link_socket_actual *actual, struct addrinfo *ai)
Definition socket.c:1078
static bool socket_set_rcvbuf(socket_descriptor_t sd, int size)
Definition socket.c:452
static void stream_buf_set_next(struct stream_buf *sb)
Definition socket.c:2112
const char * socket_stat(const struct link_socket *s, unsigned int rwflags, struct gc_arena *gc)
Definition socket.c:2051
void bad_address_length(int actual, int expected)
Definition socket.c:2257
static bool stream_buf_added(struct stream_buf *sb, int length_added)
Definition socket.c:2160
event_t socket_listen_event_handle(struct link_socket *s)
Definition socket.c:2238
void sd_close(socket_descriptor_t *sd)
Definition socket.c:2968
static int get_addr_generic(sa_family_t af, unsigned int flags, const char *hostname, void *network, unsigned int *netbits, int resolve_retry_seconds, struct signal_info *sig_info, int msglevel)
Definition socket.c:79
static void linksock_print_addr(struct link_socket *sock)
Definition socket.c:1516
static void socket_set_mark(socket_descriptor_t sd, int mark)
Definition socket.c:512
static void stream_buf_close(struct stream_buf *sb)
Definition socket.c:2227
static void stream_buf_get_final(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2125
static void socket_connect(socket_descriptor_t *sd, const struct sockaddr *dest, const int connect_timeout, struct signal_info *sig_info)
Definition socket.c:1098
static void bind_local(struct link_socket *sock, const sa_family_t ai_family)
Definition socket.c:651
bool stream_buf_read_setup_dowork(struct link_socket *sock)
Definition socket.c:2141
static void phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1622
static bool socket_set_tcp_nodelay(socket_descriptor_t sd, int state)
Definition socket.c:492
socket_descriptor_t socket_do_accept(socket_descriptor_t sd, struct link_socket_actual *act, const bool nowait)
Definition socket.c:776
static void socket_do_listen(socket_descriptor_t sd, const struct addrinfo *local, bool do_listen, bool do_set_nonblock)
Definition socket.c:751
int socket_recv_queue(struct link_socket *sock, int maxsize)
Definition socket.c:2548
void link_socket_close(struct link_socket *sock)
Definition socket.c:1825
void link_socket_connection_initiated(struct link_socket_info *info, const struct link_socket_actual *act, const char *common_name, struct env_set *es)
Definition socket.c:1899
void socket_set_buffers(socket_descriptor_t fd, const struct socket_buffer_size *sbs, bool reduce_size)
Sets the receive and send buffer sizes of a socket descriptor.
Definition socket.c:465
static bool streqnull(const char *a, const char *b)
Definition socket.c:226
static void phase2_set_socket_flags(struct link_socket *sock)
Definition socket.c:1497
static void resolve_remote(struct link_socket *sock, int phase, const char **remote_dynamic, struct signal_info *sig_info)
Definition socket.c:1231
static int do_preresolve_host(struct context *c, const char *hostname, const char *servname, const int af, const int flags)
Definition socket.c:270
void link_socket_bad_outgoing_addr(void)
Definition socket.c:1978
int sockethandle_finalize(sockethandle_t sh, struct overlapped_io *io, struct buffer *buf, struct link_socket_actual *from)
Definition socket.c:2841
in_addr_t link_socket_current_remote(const struct link_socket_info *info)
Definition socket.c:1984
static int socket_get_rcvbuf(socket_descriptor_t sd)
Definition socket.c:436
int link_socket_read_tcp(struct link_socket *sock, struct buffer *buf)
Definition socket.c:2269
int openvpn_connect(socket_descriptor_t sd, const struct sockaddr *remote, int connect_timeout, volatile int *signal_received)
Definition socket.c:985
unsigned int socket_set(struct link_socket *s, struct event_set *es, unsigned int rwflags, void *arg, unsigned int *persistent)
Definition socket.c:2934
static unsigned int sf2gaf(const unsigned int getaddr_flags, const unsigned int sockflags)
Definition socket.c:63
static int get_cached_dns_entry(struct cached_dns_entry *dns_cache, const char *hostname, const char *servname, int ai_family, int resolve_flags, struct addrinfo **ai)
Definition socket.c:247
void do_preresolve(struct context *c)
Definition socket.c:314
void link_socket_bad_incoming_addr(struct buffer *buf, const struct link_socket_info *info, const struct link_socket_actual *from_addr)
Definition socket.c:1951
static void phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1587
void socket_bind(socket_descriptor_t sd, struct addrinfo *local, int ai_family, const char *prefix, bool ipv6only)
Definition socket.c:935
socket_descriptor_t create_socket_tcp(struct addrinfo *addrinfo)
Definition socket.c:567
static void socket_frame_init(const struct frame *frame, struct link_socket *sock)
Definition socket.c:1157
static void stream_buf_reset(struct stream_buf *sb)
Definition socket.c:2084
static void stream_buf_get_next(struct stream_buf *sb, struct buffer *buf)
Definition socket.c:2133
static void create_socket_dco_win(struct context *c, struct link_socket *sock, struct signal_info *sig_info)
Definition socket.c:1656
static void tcp_connection_established(const struct link_socket_actual *act)
Definition socket.c:839
static bool socket_set_flags(socket_descriptor_t sd, unsigned int sockflags)
Definition socket.c:523
struct link_socket * link_socket_new(void)
Definition socket.c:1347
static int read_sockaddr_from_packet(struct buffer *buf, struct sockaddr *dst)
Extracts a sockaddr from a packet payload.
Definition socket.c:2800
bool sockets_read_residual(const struct context *c)
Definition socket.c:45
in_addr_t getaddr(unsigned int flags, const char *hostname, int resolve_retry_seconds, bool *succeeded, struct signal_info *sig_info)
Translate an IPv4 addr or hostname from string form to in_addr_t.
Definition socket.c:187
void setenv_trusted(struct env_set *es, const struct link_socket_info *info)
Definition socket.c:1877
void read_sockaddr_from_overlapped(struct overlapped_io *io, struct sockaddr *dst, int overlapped_ret)
Definition socket.c:2750
bool link_socket_update_flags(struct link_socket *sock, unsigned int sockflags)
Definition socket.c:537
static void stream_buf_init(struct stream_buf *sb, struct buffer *buf, const unsigned int sockflags, const int proto)
Definition socket.c:2094
static event_t socket_event_handle(const struct link_socket *sock)
Definition socket.h:738
#define IPV4_INVALID_ADDR
Definition socket.h:327
static BOOL SocketHandleGetOverlappedResult(sockethandle_t sh, struct overlapped_io *io)
Definition socket.h:269
#define LS_MODE_TCP_ACCEPT_FROM
Definition socket.h:181
#define SF_DCO_WIN
Definition socket.h:196
static bool link_socket_connection_oriented(const struct link_socket *sock)
Definition socket.h:379
static bool stream_buf_read_setup(struct link_socket *sock)
Definition socket.h:504
static void SocketHandleSetLastError(sockethandle_t sh, DWORD err)
Definition socket.h:283
static int SocketHandleGetLastError(sockethandle_t sh)
Definition socket.h:277
static void SocketHandleSetInvalError(sockethandle_t sh)
Definition socket.h:289
#define SF_TCP_NODELAY
Definition socket.h:192
#define RESOLV_RETRY_INFINITE
Definition socket.h:48
#define SF_USE_IP_PKTINFO
Definition socket.h:191
#define LS_MODE_DEFAULT
Definition socket.h:179
#define MSG_NOSIGNAL
Definition socket.h:242
uint16_t packet_size_type
Definition socket.h:56
static bool socket_is_dco_win(const struct link_socket *s)
Returns true if we are on Windows and this link is running on DCO-WIN.
Definition socket.h:522
#define SF_HOST_RANDOMIZE
Definition socket.h:194
#define SF_GETADDRINFO_DGRAM
Definition socket.h:195
#define LS_MODE_TCP_LISTEN
Definition socket.h:180
#define SF_PORT_SHARE
Definition socket.h:193
#define ntohps(x)
Definition socket.h:62
static int link_socket_write_win32(struct link_socket *sock, struct buffer *buf, struct link_socket_actual *to)
Definition socket.h:596
#define openvpn_close_socket(s)
Definition socket.h:247
#define htonps(x)
Definition socket.h:59
const char * proto2ascii(int proto, sa_family_t af, bool display_form)
int openvpn_getaddrinfo(unsigned int flags, const char *hostname, const char *servname, int resolve_retry_seconds, struct signal_info *sig_info, int ai_family, struct addrinfo **res)
const char * print_sockaddr_ex(const struct sockaddr *sa, const char *separator, const unsigned int flags, struct gc_arena *gc)
Definition socket_util.c:38
void setenv_link_socket_actual(struct env_set *es, const char *name_prefix, const struct link_socket_actual *act, const unsigned int flags)
const char * print_link_socket_actual(const struct link_socket_actual *act, struct gc_arena *gc)
const char * print_link_socket_actual_ex(const struct link_socket_actual *act, const char *separator, const unsigned int flags, struct gc_arena *gc)
const char * addr_family_name(int af)
static const char * print_sockaddr(const struct sockaddr *addr, struct gc_arena *gc)
Definition socket_util.h:77
#define GETADDR_CACHE_MASK
static bool link_socket_actual_defined(const struct link_socket_actual *act)
#define GETADDR_TRY_ONCE
#define SA_IP_PORT
Definition socket_util.h:99
#define GETADDR_PASSIVE
static bool proto_is_udp(int proto)
Returns if the protocol being used is UDP.
#define GETADDR_FATAL
#define GETADDR_UPDATE_MANAGEMENT_STATE
static bool addr_local(const struct sockaddr *addr)
#define PS_SHOW_PORT
Definition socket_util.h:31
@ PROTO_UDP
@ PROTO_TCP_CLIENT
@ PROTO_TCP_SERVER
#define GETADDR_HOST_ORDER
#define PS_SHOW_PORT_IF_DEFINED
Definition socket_util.h:30
#define GETADDR_RANDOMIZE
#define GETADDR_DATAGRAM
static bool proto_is_tcp(int proto)
returns if the proto is a TCP variant (tcp-server, tcp-client or tcp)
static void addr_zero_host(struct openvpn_sockaddr *addr)
static bool proto_is_dgram(int proto)
Return if the protocol is datagram (UDP)
static int af_addr_size(sa_family_t af)
#define GETADDR_RESOLVE
#define GETADDR_MENTION_RESOLVE_RETRY
#define GETADDR_WARN_ON_SIGNAL
static bool addrlist_match(const struct openvpn_sockaddr *a1, const struct addrinfo *addrlist)
void establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, const char *host, const char *servname, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:448
void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, struct openvpn_sockaddr *relay_addr, struct event_timeout *server_poll_timeout, struct signal_info *sig_info)
Definition socks.c:512
Definition argv.h:35
Wrapper structure for dynamically allocated memory.
Definition buffer.h:60
int len
Length in bytes of the actual content within the allocated memory.
Definition buffer.h:65
int offset
Offset in bytes of the actual content within the allocated memory.
Definition buffer.h:63
Definition socket.h:66
const char * hostname
Definition socket.h:67
int ai_family
Definition socket.h:69
const char * servname
Definition socket.h:68
int flags
Definition socket.h:70
struct addrinfo * ai
Definition socket.h:71
struct cached_dns_entry * next
Definition socket.h:72
Definition options.h:104
struct local_list * local_list
Definition options.h:105
bool bind_local
Definition options.h:115
const char * remote
Definition options.h:111
const char * socks_proxy_port
Definition options.h:121
struct http_proxy_options * http_proxy_options
Definition options.h:119
bool bind_ipv6_only
Definition options.h:114
bool remote_float
Definition options.h:112
const char * remote_port
Definition options.h:110
const char * socks_proxy_server
Definition options.h:120
int mtu_discover_type
Definition options.h:136
int proto
Definition options.h:106
sa_family_t af
Definition options.h:107
unsigned int flags
Definition options.h:159
struct connection_entry ** array
Definition options.h:201
struct link_socket_addr * link_socket_addrs
Local and remote addresses on the external network.
Definition openvpn.h:159
int link_sockets_num
Definition openvpn.h:158
struct http_proxy_info * http_proxy
Definition openvpn.h:189
struct socks_proxy_info * socks_proxy
Definition openvpn.h:193
struct cached_dns_entry * dns_cache
Definition openvpn.h:167
struct tuntap * tuntap
Tun/tap virtual network interface.
Definition openvpn.h:172
struct event_timeout server_poll_interval
Definition openvpn.h:408
const struct link_socket * accept_from
Definition openvpn.h:242
struct frame frame
Definition openvpn.h:248
struct link_socket ** link_sockets
Definition openvpn.h:237
Contains all state information for one tunnel.
Definition openvpn.h:474
int mode
Role of this context within the OpenVPN process.
Definition openvpn.h:487
struct signal_info * sig
Internal error signaling object.
Definition openvpn.h:503
struct plugin_list * plugins
List of plug-ins.
Definition openvpn.h:505
struct context_2 c2
Level 2 context.
Definition openvpn.h:517
struct options options
Options loaded from command line or configuration file.
Definition openvpn.h:475
struct gc_arena gc
Garbage collection arena for allocations done in the scope of this context structure.
Definition openvpn.h:495
struct context_1 c1
Level 1 context.
Definition openvpn.h:516
struct link_socket * sock
Definition event.h:148
union event_arg::@1 u
event_arg_t type
Definition event.h:144
Packet geometry parameters.
Definition mtu.h:103
Garbage collection arena used to keep track of dynamically allocated memory.
Definition buffer.h:116
struct http_proxy_options options
Definition proxy.h:70
const char * port
Definition proxy.h:47
const char * server
Definition proxy.h:46
Definition options.h:97
const char * port
Definition options.h:99
int proto
Definition options.h:100
const char * local
Definition options.h:98
struct local_entry ** array
Definition options.h:193
struct man_connection connection
Definition manage.h:335
union openvpn_sockaddr::@27 addr
struct sockaddr sa
Definition socket_util.h:42
struct sockaddr_in in4
Definition socket_util.h:43
struct sockaddr_in6 in6
Definition socket_util.h:44
int resolve_retry_seconds
Definition options.h:367
int rcvbuf
Definition options.h:416
const char * ip_remote_hint
Definition options.h:369
HANDLE msg_channel
Definition options.h:695
struct connection_entry ce
Definition options.h:290
const char * ipchange
Definition options.h:317
int mode
Definition options.h:262
char * bind_dev
Definition options.h:421
int sndbuf
Definition options.h:417
int mark
Definition options.h:420
unsigned int sockflags
Definition options.h:424
const char * dev_node
Definition options.h:320
DWORD flags
Definition win32.h:211
struct buffer buf
Definition win32.h:221
DWORD size
Definition win32.h:210
OVERLAPPED overlapped
Definition win32.h:209
struct buffer buf_init
Definition win32.h:220
int addrlen
Definition win32.h:219
bool addr_defined
Definition win32.h:213
int iostate
Definition win32.h:208
struct sockaddr_in6 addr6
Definition win32.h:217
struct sockaddr_in addr
Definition win32.h:216
HANDLE write
Definition win32.h:82
HANDLE read
Definition win32.h:81
const char * signal_text
Definition sig.h:44
volatile int signal_received
Definition sig.h:42
volatile int source
Definition sig.h:43
bool is_handle
Definition socket.h:261
bool prepend_sa
Definition socket.h:262
char server[128]
Definition socks.h:40
const char * port
Definition socks.h:41
struct buffer buf
Definition socket.h:109
struct buffer residual
Definition socket.h:105
bool residual_fully_formed
Definition socket.h:107
int maxlen
Definition socket.h:106
HANDLE msg_channel
Definition tun.h:88
Definition tun.h:183
enum tun_driver_type backend_driver
The backend driver that used for this tun/tap device.
Definition tun.h:193
OVERLAPPED dco_new_peer_ov
Definition tun.h:220
struct tuntap_options options
Definition tun.h:205
HANDLE hand
Definition tun.h:218
unsigned short sa_family_t
Definition syshead.h:396
#define SOCKET_UNDEFINED
Definition syshead.h:438
#define SOL_IP
Definition syshead.h:389
SOCKET socket_descriptor_t
Definition syshead.h:440
static int socket_defined(const socket_descriptor_t sd)
Definition syshead.h:448
#define ENABLE_IP_PKTINFO
Definition syshead.h:381
struct env_set * es
struct gc_arena gc
Definition test_ssl.c:154
void tun_open_device(struct tuntap *tt, const char *dev_node, const char **device_guid, struct gc_arena *gc)
Definition tun.c:6190
@ DRIVER_DCO
Definition tun.h:53
void init_net_event_win32(struct rw_handle *event, long network_events, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:219
void overlapped_io_init(struct overlapped_io *o, const struct frame *frame, BOOL event_state)
Definition win32.c:169
void close_net_event_win32(struct rw_handle *event, socket_descriptor_t sd, unsigned int flags)
Definition win32.c:274
char * overlapped_io_state_ascii(const struct overlapped_io *o)
Definition win32.c:198
void overlapped_io_close(struct overlapped_io *o)
Definition win32.c:185
static bool defined_net_event_win32(const struct rw_handle *event)
Definition win32.h:93
#define IOSTATE_IMMEDIATE_RETURN
Definition win32.h:207
#define IOSTATE_INITIAL
Definition win32.h:205
#define IOSTATE_QUEUED
Definition win32.h:206